From rodrigorivascosta at gmail.com  Tue Apr  1 04:45:24 2014
From: rodrigorivascosta at gmail.com (Rodrigo Rivas)
Date: Tue, 1 Apr 2014 10:45:24 +0200
Subject: [arch-general] My Apache Sever Compromised?
In-Reply-To: <CAHtGYf9UcxaotjaNsXx=6tF3z_14hqvzbWaBhzDRsZzLKnHkgA@mail.gmail.com>
References: <CAHtGYf9UcxaotjaNsXx=6tF3z_14hqvzbWaBhzDRsZzLKnHkgA@mail.gmail.com>
Message-ID: <CABNG1c02bGxWqd5-L+sjf9d852zT-QLSWSNeM0wb4j5d_Gr_CQ@mail.gmail.com>

On Sun, Mar 30, 2014 at 4:37 AM, Jameson <imntreal at gmail.com> wrote:
> I'm seeing some very strange behavior from my Apache web server, and
> I'm afraid it may have been compromised. Every time I start it, my
> router is saturated with the maximum number of connections it can
> handle, and my access_log starts filling with lines like:

Do you know what looks interesting from you log? Take for example this line

> 199.83.93.35 - - [29/Mar/2014:22:04:54 -0400]
> "GET http://ro2.biz/pixel.png HTTP/1.0" 200 151

See? The request asks for all the URL, http:// and host name included,
just as if you were a proxy. The normal GET request for a web server
asks only for the file part ("/pixel.png" in this case). But the most
interesting part is that your apache is replying with "200", that is
OK! And the 151 is the real size of this file, I just checked with
"curl http://ro2.biz/pixel.png | wc -c". I would expect your server to
reply with an error to such a request, not to reply with the real
file.

So my guess is that you have your apache configured as an unrestricted
proxy, somebody discovered it, and is abusing it.

Hope this helps.
-- 
Rodrigo

From enwukaer at gmail.com  Tue Apr  1 09:30:37 2014
From: enwukaer at gmail.com (Nowaker)
Date: Tue, 01 Apr 2014 15:30:37 +0200
Subject: [arch-general] My Apache Sever Compromised?
In-Reply-To: <CABNG1c02bGxWqd5-L+sjf9d852zT-QLSWSNeM0wb4j5d_Gr_CQ@mail.gmail.com>
References: <CAHtGYf9UcxaotjaNsXx=6tF3z_14hqvzbWaBhzDRsZzLKnHkgA@mail.gmail.com>
 <CABNG1c02bGxWqd5-L+sjf9d852zT-QLSWSNeM0wb4j5d_Gr_CQ@mail.gmail.com>
Message-ID: <533ABF7D.5000608@gmail.com>


>> 199.83.93.35 - - [29/Mar/2014:22:04:54 -0400]
>> "GET http://ro2.biz/pixel.png HTTP/1.0" 200 151

> But the most interesting part is that your apache is replying with "200", that is OK!

Nice catch! It's certainly a proxy.

 > See? The request asks for all the URL, http:// and host name included,
 > just as if you were a proxy. The normal GET request for a web server
 > asks only for the file part ("/pixel.png" in this case).

It's because of HTTP/1.0 protocol. Should the client use HTTP/1.1, it 
would look more usual.

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From lists at sapience.com  Tue Apr  1 20:51:10 2014
From: lists at sapience.com (Genes Lists)
Date: Tue, 01 Apr 2014 20:51:10 -0400
Subject: [arch-general] [arch-dev-public] Linux 3.14 in [testing]
In-Reply-To: <533B415A.7080709@archlinux.org>
References: <533B3B95.60604@archlinux.org> <533B415A.7080709@archlinux.org>
Message-ID: <533B5EFE.8040203@sapience.com>

On 04/01/2014 06:44 PM, Thomas B?chler wrote:

> Okay, pushed everything to [testing] and [community-testing].

This may just be a mirror sync issue but I am seeing this:
pacman -Syu
...
looking for inter-conflicts...
error: failed to prepare transaction (could not satisfy dependencies)
:: bbswitch: requires linux<3.14
:: virtualbox-guest-modules: requires linux<3.14
:: virtualbox-host-modules: requires linux<3.14

gene

From lists at sapience.com  Tue Apr  1 21:13:06 2014
From: lists at sapience.com (Genes Lists)
Date: Tue, 01 Apr 2014 21:13:06 -0400
Subject: [arch-general] [arch-dev-public] Linux 3.14 in [testing]
In-Reply-To: <533B5EFE.8040203@sapience.com>
References: <533B3B95.60604@archlinux.org> <533B415A.7080709@archlinux.org>
 <533B5EFE.8040203@sapience.com>
Message-ID: <533B6422.7000605@sapience.com>

On 04/01/2014 08:51 PM, Genes Lists wrote:

> ...
> looking for inter-conflicts...
   Next 2 machines I updated from testing worked fine - neither has 
bumblebee - but they both have virtualbox ... scratching head ...


From lists at sapience.com  Tue Apr  1 21:20:02 2014
From: lists at sapience.com (Genes Lists)
Date: Tue, 01 Apr 2014 21:20:02 -0400
Subject: [arch-general] [arch-dev-public] Linux 3.14 in [testing]
In-Reply-To: <533B6422.7000605@sapience.com>
References: <533B3B95.60604@archlinux.org> <533B415A.7080709@archlinux.org>
 <533B5EFE.8040203@sapience.com> <533B6422.7000605@sapience.com>
Message-ID: <533B65C2.8090103@sapience.com>

Bah - brain fart - sorry - i had accidently turned off community testing 
on one machine ... no idea how - sorry for noise.

All good.


From magnus at therning.org  Wed Apr  2 03:32:25 2014
From: magnus at therning.org (Magnus Therning)
Date: Wed, 2 Apr 2014 09:32:25 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
Message-ID: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>

On a newly set up system I've added the [haskell-core] repo [1], but
get stuck with the following message from `pacman`:

~~~~
% sudo pacman -Syy
error: haskell-testing: signature from "ArchHaskell (Magnus Therning)
<magnus at therning.org>" is invalid
:: Synchronising package databases...
 core                                                    108.2 KiB
1335K/s 00:00 [##############################################] 100%
 haskell-testing.sig                                      96.0   B
0.00B/s 00:00 [##############################################] 100%
error: haskell-testing: signature from "ArchHaskell (Magnus Therning)
<magnus at therning.org>" is invalid
error: failed to update haskell-testing (invalid or corrupted database
(PGP signature))
 extra                                                  1565.7 KiB
1947K/s 00:01 [##############################################] 100%
 community                                                 2.1 MiB
1735K/s 00:01 [##############################################] 100%
 multilib                                                115.3 KiB
1746K/s 00:00 [##############################################] 100%
error: database 'haskell-testing' is not valid (invalid or corrupted
database (PGP signature))
~~~~

I've read [2] and verified (to the best of my ability) that I have
correct time settings.  I've also tried resetting the keys, but that
doesn't improve the situation either.

What else could it be?  How do I find out?  What can I do about it?

/M

[1]: https://wiki.archlinux.org/index.php/Haskell_package_guidelines
[2]: https://wiki.archlinux.org/index.php/Pacman-key#Troubleshooting

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

From magnus at therning.org  Wed Apr  2 04:16:04 2014
From: magnus at therning.org (Magnus Therning)
Date: Wed, 2 Apr 2014 10:16:04 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
Message-ID: <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>

On Wed, Apr 2, 2014 at 9:32 AM, Magnus Therning <magnus at therning.org> wrote:
> On a newly set up system I've added the [haskell-core] repo [1], but
> get stuck with the following message from `pacman`:
>
> ~~~~
> % sudo pacman -Syy
> error: haskell-testing: signature from "ArchHaskell (Magnus Therning)
> <magnus at therning.org>" is invalid
> :: Synchronising package databases...
>  core                                                    108.2 KiB
> 1335K/s 00:00 [##############################################] 100%
>  haskell-testing.sig                                      96.0   B
> 0.00B/s 00:00 [##############################################] 100%
> error: haskell-testing: signature from "ArchHaskell (Magnus Therning)
> <magnus at therning.org>" is invalid
> error: failed to update haskell-testing (invalid or corrupted database
> (PGP signature))
>  extra                                                  1565.7 KiB
> 1947K/s 00:01 [##############################################] 100%
>  community                                                 2.1 MiB
> 1735K/s 00:01 [##############################################] 100%
>  multilib                                                115.3 KiB
> 1746K/s 00:00 [##############################################] 100%
> error: database 'haskell-testing' is not valid (invalid or corrupted
> database (PGP signature))
> ~~~~
>
> I've read [2] and verified (to the best of my ability) that I have
> correct time settings.  I've also tried resetting the keys, but that
> doesn't improve the situation either.
>
> What else could it be?  How do I find out?  What can I do about it?

I think I've found the reason for it:

~~~~
community.db:       gzip compressed data, last modified: Wed Apr  2
04:23:21 2014, from Unix
core.db:            gzip compressed data, last modified: Tue Apr  1
19:08:44 2014, from Unix
extra.db:           gzip compressed data, last modified: Wed Apr  2
01:09:14 2014, from Unix
haskell-testing.db: POSIX tar archive
multilib.db:        gzip compressed data, last modified: Wed Apr  2
05:12:37 2014, from Unix
~~~~

Where and why would un-gzipping strike like this?

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

From rodseth at gmail.com  Wed Apr  2 05:29:14 2014
From: rodseth at gmail.com (=?UTF-8?Q?Alexander_R=C3=B8dseth?=)
Date: Wed, 2 Apr 2014 11:29:14 +0200
Subject: [arch-general] [arch-dev-public] Linux 3.14 in [testing]
In-Reply-To: <533B65C2.8090103@sapience.com>
References: <533B3B95.60604@archlinux.org> <533B415A.7080709@archlinux.org>
 <533B5EFE.8040203@sapience.com> <533B6422.7000605@sapience.com>
 <533B65C2.8090103@sapience.com>
Message-ID: <CAG7ayyt8A5oXUcDr26GMgcCGFnn9EUSxKkGz7sq9T6eRaGQ1Jg@mail.gmail.com>

Really good job on the 3.14 release! Thanks for keeping everything
clean and simple.

- Alexander R?dseth / xyproto

From thomas at archlinux.org  Wed Apr  2 05:36:37 2014
From: thomas at archlinux.org (=?ISO-8859-15?Q?Thomas_B=E4chler?=)
Date: Wed, 02 Apr 2014 11:36:37 +0200
Subject: [arch-general] [arch-dev-public] Linux 3.14 in [testing]
In-Reply-To: <533B5EFE.8040203@sapience.com>
References: <533B3B95.60604@archlinux.org> <533B415A.7080709@archlinux.org>
 <533B5EFE.8040203@sapience.com>
Message-ID: <533BDA25.3090504@archlinux.org>

Am 02.04.2014 02:51, schrieb Genes Lists:
> On 04/01/2014 06:44 PM, Thomas B?chler wrote:
> 
>> Okay, pushed everything to [testing] and [community-testing].
> 
> This may just be a mirror sync issue but I am seeing this:
> pacman -Syu
> ...
> looking for inter-conflicts...
> error: failed to prepare transaction (could not satisfy dependencies)
> :: bbswitch: requires linux<3.14
> :: virtualbox-guest-modules: requires linux<3.14
> :: virtualbox-host-modules: requires linux<3.14

Two problems:

1) findmnt/libmount broken with 3.14 - fixing that now.
2) util-linux/switch_root has problems (this seems like the same issue),
see https://bbs.archlinux.org/viewtopic.php?pid=1399663


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/6558b770/attachment.asc>

From neal.oakey at googlemail.com  Wed Apr  2 05:44:58 2014
From: neal.oakey at googlemail.com (Neal Oakey)
Date: Wed, 02 Apr 2014 11:44:58 +0200
Subject: [arch-general] [arch-dev-public] CAcert dropped from certificate
	bundle
In-Reply-To: <5339CD28.1030805@googlemail.com>
References: <5339CD28.1030805@googlemail.com>
Message-ID: <533BDC1A.1080600@googlemail.com>

Hi all,

because I can't send this to the arch-dev-public mailing list I will
send this here:

In my opinion, only because Debian drops the support for something this
doesn't mean that we should do the same.

And if you look at the Bugreport you will notice that the Information on
which Debian is basing their argumentation is old.

For more current information you can see: (sorry I know it's on German)
http://www.heise.de/netze/meldung/CAcert-reagiert-auf-Zertifikatsrauswurf-2156226.html

Or http://wiki.cacert.org/Roots/EscrowAndRecovery/NRE which isn't so
detailed, but should be up to date.

Greetings,
Neal

> Hi all,
>
> Debian has decided to drop the root certificate of CAcert.org they used
> to ship with their ca-certificates package. As our pacakge is based on
> Debian's the latest ca-certficates package in [testing] also lack the
> CAcert certificate.
>
> If we intent to keep it that way we should also remove the patch from
> our nss package: 
> https://projects.archlinux.de/svntogit/packages.git/tree/trunk/add_spi+cacert_ca_certs.patch?h=packages/nss
>
> The Debian bug report can be found at
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718434
>
> I added the certs to our bundles in 2009. Unfortunately there is no
> visible progress regarding their inclusion in browsers from Mozilla,
> Google and Microsoft.
>
> Realistically I cannot vouch for any of the CAs we ship. That's one
> reason why we push that responsibility upstream to e.g. the Debian
> project or Mozilla.
>
> What do you think? Imho we should keep follow Debian here. Other
> solutions would be to patch it back in or ship a separate optional
> package; though that might be impossible for nss.
>
> Greetings,
>
> Pierre
>
> -- 
> Pierre Schmitz, https://pierre-schmitz.com <https://pierre-schmitz.com/>
>





From danielmicay at gmail.com  Wed Apr  2 08:20:58 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Wed, 02 Apr 2014 08:20:58 -0400
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533BDC1A.1080600@googlemail.com>
References: <5339CD28.1030805@googlemail.com> <533BDC1A.1080600@googlemail.com>
Message-ID: <533C00AA.7040602@gmail.com>

On 02/04/14 05:44 AM, Neal Oakey wrote:
> Hi all,
> 
> because I can't send this to the arch-dev-public mailing list I will
> send this here:
> 
> In my opinion, only because Debian drops the support for something this
> doesn't mean that we should do the same.
> 
> And if you look at the Bugreport you will notice that the Information on
> which Debian is basing their argumentation is old.
> 
> For more current information you can see: (sorry I know it's on German)
> http://www.heise.de/netze/meldung/CAcert-reagiert-auf-Zertifikatsrauswurf-2156226.html
> 
> Or http://wiki.cacert.org/Roots/EscrowAndRecovery/NRE which isn't so
> detailed, but should be up to date.
> 
> Greetings,
> Neal

Mozilla and Debian have both explicitly rejected including CAcert as a
certificate authority Mozilla requires an audit by an unbiased third
party in order to show a reasonable proof of security.

https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/

If and when CAcert ever gets their act together and is able to pass an
audit, Mozilla will likely include it.

Until then, there are plenty of other certificate authorities with free
certificates that are also included in every major browser / operating
system. For example:

https://www.startssl.com/?app=1

It certainly doesn't help that CAcert seems to be a pile of PHP written
in a dialect with little hope of stopping SQL injection, as they're
manually building statements and escaping.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/5e170410/attachment.asc>

From kyle at gmx.ca  Wed Apr  2 08:43:53 2014
From: kyle at gmx.ca (Kyle)
Date: Wed, 02 Apr 2014 08:43:53 -0400
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533C00AA.7040602@gmail.com>
References: <5339CD28.1030805@googlemail.com>
 <533BDC1A.1080600@googlemail.com> <533C00AA.7040602@gmail.com>
Message-ID: <533C0609.5030708@gmx.ca>

According to Daniel Micay:
# Until then, there are plenty of other certificate authorities with free
# certificates that are also included in every major browser / operating
# system. For example:
#
# https://www.startssl.com/?app=1

I initially became interested in CAcert not only because of its free
cost, but more importantly because they employ a web of trust community
of assurers for additional validation of certificates. I wasn't aware
that StartSSL provided such a validation mechanism, but it appears that
they do. I'll be taking a much closer look at this certificate
authority. Thanks.
~Kyle
http://kyle.tk/
-- 
"Kyle? ... She calls her cake, Kyle?"
Out of This World, season 2 episode 21 - "The Amazing Evie"

From ce.mohammad.alsaleh at gmail.com  Wed Apr  2 10:08:13 2014
From: ce.mohammad.alsaleh at gmail.com (Mohammad_AlSaleh)
Date: Wed, 2 Apr 2014 17:08:13 +0300
Subject: [arch-general] Linux 3.14: Kenel panic in radeon code
Message-ID: <20140402140813.GA12703@mail>

Hello.

testing/linux-3.14-1 x86-64

The kernel panicked  while starting X. The errors dumped pointed to
the radeon module.

Is anyone else seeing this regression?

From neal.oakey at googlemail.com  Wed Apr  2 11:31:05 2014
From: neal.oakey at googlemail.com (Neal Oakey)
Date: Wed, 02 Apr 2014 17:31:05 +0200
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533C00AA.7040602@gmail.com>
References: <5339CD28.1030805@googlemail.com>
 <533BDC1A.1080600@googlemail.com> <533C00AA.7040602@gmail.com>
Message-ID: <533C2D39.70306@googlemail.com>

Hi,

well until now all of this wasn't a problem, so why has it now become one?


And well if you have a look at startssl, well they may be offering free
certs but only single domain and just use the plain "things".

  * It doesn't allow commercial usage
  * "only" valid for 1 year
  * located in Israel (don't know if this should be good or bad)


There maybe still quite a few things that have to be worked on at CAcert
but still I currently would say,
that I rather trust CAcert signed certs than any other.


I mean look at all this fuckup that these firms are doing:

... some have been removed already:

  * Revoking Trust in one ANSSI Certificate (*.google.com)
  * Revoking Trust in Two TurkTrust Certificates (*.google.com)
  * Revoking Trust in DigiCert Sdn. Bhd Intermediate Certificate
    Authority (week certs)
  * Fraudulent *.google.com Certificate ... => DigiNotar Removal Follow Up
  * Firefox Blocking Fraudulent Certificates ... => Comodo Certificate
    Issue -- Follow Up

... but I still see many problems:

  * Chromium still has (all|many) of the cert, which I listed above
  * still including many 1024 bit keys! (*1)
  * to many CAs have issued other RootCA (like for e.g.: Tekecom > DFN >
    every fucking university in Germany (*2))
  * and how far we still can trust CAs from America, where the NSA seams
    to be fiddling around in the security of all important firms, I
    can't really say



*1:
> /usr/share/ca-certificates/mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt: 1024 bit
> /usr/share/ca-certificates/mozilla/Equifax_Secure_eBusiness_CA_1.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Equifax_Secure_Global_eBusiness_CA.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/NetLock_Business_=Class_B=_Root.crt: 1024
> bit
> /usr/share/ca-certificates/mozilla/NetLock_Express_=Class_C=_Root.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Thawte_Premium_Server_CA.crt: 1024 bit
> /usr/share/ca-certificates/mozilla/Thawte_Server_CA.crt: 1024 bit
> /usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt:
> 1024 bit
> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt:
> 1024 bit

*2:
if you ask me, this is just waiting for miss usage, as every university
(or person which could get access to there CAs) in Germany could issue a
cert for [your-bank.com]


Greetings,
Neal

Am 02.04.2014 14:20, schrieb Daniel Micay:
> On 02/04/14 05:44 AM, Neal Oakey wrote:
>> Hi all,
>>
>> because I can't send this to the arch-dev-public mailing list I will
>> send this here:
>>
>> In my opinion, only because Debian drops the support for something this
>> doesn't mean that we should do the same.
>>
>> And if you look at the Bugreport you will notice that the Information on
>> which Debian is basing their argumentation is old.
>>
>> For more current information you can see: (sorry I know it's on German)
>> http://www.heise.de/netze/meldung/CAcert-reagiert-auf-Zertifikatsrauswurf-2156226.html
>>
>> Or http://wiki.cacert.org/Roots/EscrowAndRecovery/NRE which isn't so
>> detailed, but should be up to date.
>>
>> Greetings,
>> Neal
> Mozilla and Debian have both explicitly rejected including CAcert as a
> certificate authority Mozilla requires an audit by an unbiased third
> party in order to show a reasonable proof of security.
>
> https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
>
> If and when CAcert ever gets their act together and is able to pass an
> audit, Mozilla will likely include it.
>
> Until then, there are plenty of other certificate authorities with free
> certificates that are also included in every major browser / operating
> system. For example:
>
> https://www.startssl.com/?app=1
>
> It certainly doesn't help that CAcert seems to be a pile of PHP written
> in a dialect with little hope of stopping SQL injection, as they're
> manually building statements and escaping.
>


From danielmicay at gmail.com  Wed Apr  2 11:55:24 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Wed, 02 Apr 2014 11:55:24 -0400
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533C2D39.70306@googlemail.com>
References: <5339CD28.1030805@googlemail.com>
 <533BDC1A.1080600@googlemail.com> <533C00AA.7040602@gmail.com>
 <533C2D39.70306@googlemail.com>
Message-ID: <533C32EC.3050906@gmail.com>

On 02/04/14 11:31 AM, Neal Oakey wrote:
> Hi,
> 
> well until now all of this wasn't a problem, so why has it now become one?

It's becoming clearer that CAcert isn't going to be passing a third
party audit any time soon. Our only view into it is the open-source code
they've made available, and messy wiki documentation. The quality of the
code is not exactly comforting - whoever wrote most of it didn't seem to
be aware of prepared statements...

> And well if you have a look at startssl, well they may be offering free
> certs but only single domain and just use the plain "things".
> 
>   * It doesn't allow commercial usage
>   * "only" valid for 1 year

A CAcert certificate isn't trusted in most major browsers or operating
systems, regardless of whether Arch ships it. That's a bigger
inconvenience and makes it quite useless for commercial usage. This
isn't the only example of a free TLS certificate anyway.

>   * located in Israel (don't know if this should be good or bad)

CAcert is located in Australia. Both are US allies and cooperate with US
spying, if your point has something to do with the NSA. It's not like
Australia doesn't have an active spy agency.

> There maybe still quite a few things that have to be worked on at CAcert
> but still I currently would say,
> that I rather trust CAcert signed certs than any other.

You're free to add it if you trust them. Debian and Mozilla don't trust
them, and Pierre has made it clear that he's not in a position to vouch
for them either.

> I mean look at all this fuckup that these firms are doing:
> 
> ... some have been removed already:
> 
>   * Revoking Trust in one ANSSI Certificate (*.google.com)
>   * Revoking Trust in Two TurkTrust Certificates (*.google.com)
>   * Revoking Trust in DigiCert Sdn. Bhd Intermediate Certificate
>     Authority (week certs)
>   * Fraudulent *.google.com Certificate ... => DigiNotar Removal Follow Up
>   * Firefox Blocking Fraudulent Certificates ... => Comodo Certificate
>     Issue -- Follow Up
> 
> ... but I still see many problems:
> 
>   * Chromium still has (all|many) of the cert, which I listed above
>   * still including many 1024 bit keys! (*1)
>   * to many CAs have issued other RootCA (like for e.g.: Tekecom > DFN >
>     every fucking university in Germany (*2))
>   * and how far we still can trust CAs from America, where the NSA seams
>     to be fiddling around in the security of all important firms, I
>     can't really say

The US government is far from the only country with spy agencies. The CA
system won't protect you from national governments, but it does a pretty
good job providing protection from other entities. A certificate
authority like CAcert without even a minimum level of security or
auditing in place is a liability when it comes to this.

Chromium no longer relies on the CA system for Google domains at all, it
simply pins the certificates instead. See
http://www.certificate-transparency.org/ for an example of the work
that's been done on to the CA system. It's a technical solution with
Google's political capital behind it. A CA not implementing it will have
EV (shiny green bar) revoked, and this happens to be a major source of
revenue for them.

> *1:
>> /usr/share/ca-certificates/mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt: 1024 bit
>> /usr/share/ca-certificates/mozilla/Equifax_Secure_eBusiness_CA_1.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Equifax_Secure_Global_eBusiness_CA.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/NetLock_Business_=Class_B=_Root.crt: 1024
>> bit
>> /usr/share/ca-certificates/mozilla/NetLock_Express_=Class_C=_Root.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Thawte_Premium_Server_CA.crt: 1024 bit
>> /usr/share/ca-certificates/mozilla/Thawte_Server_CA.crt: 1024 bit
>> /usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt:
>> 1024 bit
>> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt:
>> 1024 bit
> 
> *2:
> if you ask me, this is just waiting for miss usage, as every university
> (or person which could get access to there CAs) in Germany could issue a
> cert for [your-bank.com]

Trusting CAcert in addition to these certificate authorities will not
improve the situation. At least these certificate authorities are
competent enough to pass third party audits.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/4448b704/attachment.asc>

From magnus at therning.org  Wed Apr  2 11:56:40 2014
From: magnus at therning.org (Magnus Therning)
Date: Wed, 2 Apr 2014 17:56:40 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
Message-ID: <20140402155640.GA1166@tatooine.lan>

On Wed, Apr 02, 2014 at 10:16:04AM +0200, Magnus Therning wrote:
> On Wed, Apr 2, 2014 at 9:32 AM, Magnus Therning <magnus at therning.org> wrote:
> > On a newly set up system I've added the [haskell-core] repo [1], but
> > get stuck with the following message from `pacman`:
> >
> > ~~~~
> > % sudo pacman -Syy
> > error: haskell-testing: signature from "ArchHaskell (Magnus Therning)
> > <magnus at therning.org>" is invalid
> > :: Synchronising package databases...
> >  core                                                    108.2 KiB
> > 1335K/s 00:00 [##############################################] 100%
> >  haskell-testing.sig                                      96.0   B
> > 0.00B/s 00:00 [##############################################] 100%
> > error: haskell-testing: signature from "ArchHaskell (Magnus Therning)
> > <magnus at therning.org>" is invalid
> > error: failed to update haskell-testing (invalid or corrupted database
> > (PGP signature))
> >  extra                                                  1565.7 KiB
> > 1947K/s 00:01 [##############################################] 100%
> >  community                                                 2.1 MiB
> > 1735K/s 00:01 [##############################################] 100%
> >  multilib                                                115.3 KiB
> > 1746K/s 00:00 [##############################################] 100%
> > error: database 'haskell-testing' is not valid (invalid or corrupted
> > database (PGP signature))
> > ~~~~
> >
> > I've read [2] and verified (to the best of my ability) that I have
> > correct time settings.  I've also tried resetting the keys, but that
> > doesn't improve the situation either.
> >
> > What else could it be?  How do I find out?  What can I do about it?
> 
> I think I've found the reason for it:
> 
> ~~~~
> community.db:       gzip compressed data, last modified: Wed Apr  2
> 04:23:21 2014, from Unix
> core.db:            gzip compressed data, last modified: Tue Apr  1
> 19:08:44 2014, from Unix
> extra.db:           gzip compressed data, last modified: Wed Apr  2
> 01:09:14 2014, from Unix
> haskell-testing.db: POSIX tar archive
> multilib.db:        gzip compressed data, last modified: Wed Apr  2
> 05:12:37 2014, from Unix
> ~~~~
> 
> Where and why would un-gzipping strike like this?

And now I've confirmed that this un-gzipping doesn't happen on my
private computer at home.  So, what's causing this un-gzipping of the
downloaded repo db, I wonder?

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4 
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

Perl is another example of filling a tiny, short-term need, and then
being a real problem in the longer term.
     -- Alan Kay
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/2ec11b58/attachment.asc>

From admin at progandy.de  Wed Apr  2 12:09:16 2014
From: admin at progandy.de (ProgAndy)
Date: Wed, 02 Apr 2014 18:09:16 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <20140402155640.GA1166@tatooine.lan>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan>
Message-ID: <533C362C.3080207@progandy.de>

Am 02.04.2014 17:56, schrieb Magnus Therning:
> On Wed, Apr 02, 2014 at 10:16:04AM +0200, Magnus Therning wrote:
>> On Wed, Apr 2, 2014 at 9:32 AM, Magnus Therning <magnus at therning.org> wrote:
>>> On a newly set up system I've added the [haskell-core] repo [1], but
>>> get stuck with the following message from `pacman`:
>>>
>>> ~~~~
>>> % sudo pacman -Syy
>>> error: haskell-testing: signature from "ArchHaskell (Magnus Therning)
>>> <magnus at therning.org>" is invalid
>>> :: Synchronising package databases...
>>>   core                                                    108.2 KiB
>>> 1335K/s 00:00 [##############################################] 100%
>>>   haskell-testing.sig                                      96.0   B
>>> 0.00B/s 00:00 [##############################################] 100%
>>> error: haskell-testing: signature from "ArchHaskell (Magnus Therning)
>>> <magnus at therning.org>" is invalid
>>> error: failed to update haskell-testing (invalid or corrupted database
>>> (PGP signature))
>>>   extra                                                  1565.7 KiB
>>> 1947K/s 00:01 [##############################################] 100%
>>>   community                                                 2.1 MiB
>>> 1735K/s 00:01 [##############################################] 100%
>>>   multilib                                                115.3 KiB
>>> 1746K/s 00:00 [##############################################] 100%
>>> error: database 'haskell-testing' is not valid (invalid or corrupted
>>> database (PGP signature))
>>> ~~~~
>>>
>>> I've read [2] and verified (to the best of my ability) that I have
>>> correct time settings.  I've also tried resetting the keys, but that
>>> doesn't improve the situation either.
>>>
>>> What else could it be?  How do I find out?  What can I do about it?
>> I think I've found the reason for it:
>>
>> ~~~~
>> community.db:       gzip compressed data, last modified: Wed Apr  2
>> 04:23:21 2014, from Unix
>> core.db:            gzip compressed data, last modified: Tue Apr  1
>> 19:08:44 2014, from Unix
>> extra.db:           gzip compressed data, last modified: Wed Apr  2
>> 01:09:14 2014, from Unix
>> haskell-testing.db: POSIX tar archive
>> multilib.db:        gzip compressed data, last modified: Wed Apr  2
>> 05:12:37 2014, from Unix
>> ~~~~
>>
>> Where and why would un-gzipping strike like this?
> And now I've confirmed that this un-gzipping doesn't happen on my
> private computer at home.  So, what's causing this un-gzipping of the
> downloaded repo db, I wonder?
>
> /M
>
There may be a transparent proxy in your routing chain that strips 
compression in order to run a virus scan.
The server sends these headers for haskell-core.db
( curl -I http://xsounds.org/~haskell/core/x86_64/haskell-core.db )

     Content-Type: application/x-tar
     Content-Encoding: x-gzip

It might work as expected without a Content-Encoding header:

Content-Type: application/x-gzip

From enwukaer at gmail.com  Wed Apr  2 12:39:15 2014
From: enwukaer at gmail.com (Nowaker)
Date: Wed, 02 Apr 2014 18:39:15 +0200
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533C32EC.3050906@gmail.com>
References: <5339CD28.1030805@googlemail.com>
 <533BDC1A.1080600@googlemail.com> <533C00AA.7040602@gmail.com>
 <533C2D39.70306@googlemail.com> <533C32EC.3050906@gmail.com>
Message-ID: <533C3D33.8010007@gmail.com>

> It's becoming clearer that CAcert isn't going to be passing a third
> party audit any time soon. Our only view into it is the open-source code
> they've made available, and messy wiki documentation. The quality of the
> code is not exactly comforting - whoever wrote most of it didn't seem to
> be aware of prepared statements...

Unfortunately, it's true. But  note that you will *never* know if these 
"profesionally" "audited" SSL issuers are aware of prepared statements 
or not. I don't want to name the company that I used to use which has an 
always-failing admin panel where you never know what the button is going 
to do every time you click it. No docs can help it.

I would tend to trust CAcert more than anyone else if only their code 
was clean. Because it's not I consider them as risky as "professional" 
SSL issuers where you never know what's behind the scenes. Internets 
really need commerce-, government- and regulation-free SSL issuers like 
CAcert. Hope they HTFU and get their code written well some day.

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From enwukaer at gmail.com  Wed Apr  2 12:47:52 2014
From: enwukaer at gmail.com (Nowaker)
Date: Wed, 02 Apr 2014 18:47:52 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <533C362C.3080207@progandy.de>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan> <533C362C.3080207@progandy.de>
Message-ID: <533C3F38.6010402@gmail.com>

> There may be a transparent proxy in your routing chain that strips
> compression in order to run a virus scan.

Time for SSL-securing Arch Linux repos to prevent any sort of 
man-in-the-middle attacks? Even such trivial things like compression 
stripping, or image optimization often performed by mobile internet 
providers is a man-in-the-middle. This should be fought by any means.

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From danielmicay at gmail.com  Wed Apr  2 13:00:00 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Wed, 02 Apr 2014 13:00:00 -0400
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <533C3F38.6010402@gmail.com>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan> <533C362C.3080207@progandy.de>
 <533C3F38.6010402@gmail.com>
Message-ID: <533C4210.1070301@gmail.com>

On 02/04/14 12:47 PM, Nowaker wrote:
>> There may be a transparent proxy in your routing chain that strips
>> compression in order to run a virus scan.
> 
> Time for SSL-securing Arch Linux repos to prevent any sort of
> man-in-the-middle attacks? Even such trivial things like compression
> stripping, or image optimization often performed by mobile internet
> providers is a man-in-the-middle. This should be fought by any means.

Packages are already signed, and pacman has support for signing the
repositories. Using TLS for repositories is close to useless because the
mirrors are not *really* trusted entities, and the CA system is a broken
alternative to the solid archlinux-keyring package.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/645e8714/attachment.asc>

From danielmicay at gmail.com  Wed Apr  2 13:01:43 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Wed, 02 Apr 2014 13:01:43 -0400
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <533C4210.1070301@gmail.com>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan> <533C362C.3080207@progandy.de>
 <533C3F38.6010402@gmail.com> <533C4210.1070301@gmail.com>
Message-ID: <533C4277.5010604@gmail.com>

On 02/04/14 01:00 PM, Daniel Micay wrote:
> On 02/04/14 12:47 PM, Nowaker wrote:
>>> There may be a transparent proxy in your routing chain that strips
>>> compression in order to run a virus scan.
>>
>> Time for SSL-securing Arch Linux repos to prevent any sort of
>> man-in-the-middle attacks? Even such trivial things like compression
>> stripping, or image optimization often performed by mobile internet
>> providers is a man-in-the-middle. This should be fought by any means.
> 
> Packages are already signed, and pacman has support for signing the
> repositories. Using TLS for repositories is close to useless because the
> mirrors are not *really* trusted entities, and the CA system is a broken
> alternative to the solid archlinux-keyring package.

We aren't actually signing the sync databases yet, but should be. Even
if it means using a low-trust key on the servers, it would need to be
treated differently than the package signing keys if it was a lower
trust level though, because it shouldn't be able to sign packages.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/00037370/attachment.asc>

From admin at progandy.de  Wed Apr  2 13:22:06 2014
From: admin at progandy.de (ProgAndy)
Date: Wed, 02 Apr 2014 19:22:06 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <533C4277.5010604@gmail.com>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan> <533C362C.3080207@progandy.de>
 <533C3F38.6010402@gmail.com> <533C4210.1070301@gmail.com>
 <533C4277.5010604@gmail.com>
Message-ID: <533C473E.8010907@progandy.de>

Am 02.04.2014 19:01, schrieb Daniel Micay:
> On 02/04/14 01:00 PM, Daniel Micay wrote:
>> On 02/04/14 12:47 PM, Nowaker wrote:
>>>> There may be a transparent proxy in your routing chain that strips
>>>> compression in order to run a virus scan.
>>> Time for SSL-securing Arch Linux repos to prevent any sort of
>>> man-in-the-middle attacks? Even such trivial things like compression
>>> stripping, or image optimization often performed by mobile internet
>>> providers is a man-in-the-middle. This should be fought by any means.
>> Packages are already signed, and pacman has support for signing the
>> repositories. Using TLS for repositories is close to useless because the
>> mirrors are not *really* trusted entities, and the CA system is a broken
>> alternative to the solid archlinux-keyring package.
> We aren't actually signing the sync databases yet, but should be. Even
> if it means using a low-trust key on the servers, it would need to be
> treated differently than the package signing keys if it was a lower
> trust level though, because it shouldn't be able to sign packages.
>
Maybe require all certificates used for package signing to have the 
"codeSigning" capability? The database certificate won't have that flag.

From lisaev at umail.iu.edu  Wed Apr  2 13:32:51 2014
From: lisaev at umail.iu.edu (Leonid Isaev)
Date: Wed, 2 Apr 2014 13:32:51 -0400
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <533C3F38.6010402@gmail.com>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan> <533C362C.3080207@progandy.de>
 <533C3F38.6010402@gmail.com>
Message-ID: <20140402133251.45c2fa08@hermes>

On Wed, 02 Apr 2014 18:47:52 +0200
Nowaker <enwukaer at gmail.com> wrote:

> > There may be a transparent proxy in your routing chain that strips
> > compression in order to run a virus scan.
> 
> Time for SSL-securing Arch Linux repos to prevent any sort of 
> man-in-the-middle attacks? Even such trivial things like compression 
> stripping, or image optimization often performed by mobile internet 
> providers is a man-in-the-middle. This should be fought by any means.
> 

If you are talking about mirrors, then look at 
https://www.archlinux.org/mirrorlist/all/https/ . At least in my experience,
using tls allows to evade certain routers which redirect to a captive
portal if plain http is used, but don't touch encrypted traffic (e.g. if you
are in a hotel and need to install something).

However, tls adds CPU overhead and is not a way to fight broken ISPs and
proxies/routers.

Cheers,
-- 
Leonid Isaev
GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/ebfb7610/attachment.asc>

From lisaev at umail.iu.edu  Wed Apr  2 13:57:44 2014
From: lisaev at umail.iu.edu (Leonid Isaev)
Date: Wed, 2 Apr 2014 13:57:44 -0400
Subject: [arch-general] Using timers instead of cron jobs
Message-ID: <20140402135744.38753d1c@hermes>

Hi,

	On a current [testing] installation, there are several timer symlinks
in /usr/lib/systemd/system/multi-user.target.wants (shipped with logrotate,
man-db, etc.). What is the reason for choosing multi-user.target instead of
timers.target?

Thanks,
-- 
Leonid Isaev
GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/5aa99029/attachment.asc>

From thomas at archlinux.org  Wed Apr  2 14:21:59 2014
From: thomas at archlinux.org (=?ISO-8859-1?Q?Thomas_B=E4chler?=)
Date: Wed, 02 Apr 2014 20:21:59 +0200
Subject: [arch-general] Using timers instead of cron jobs
In-Reply-To: <20140402135744.38753d1c@hermes>
References: <20140402135744.38753d1c@hermes>
Message-ID: <533C5547.2060308@archlinux.org>

Am 02.04.2014 19:57, schrieb Leonid Isaev:
> Hi,
> 
> 	On a current [testing] installation, there are several timer symlinks
> in /usr/lib/systemd/system/multi-user.target.wants (shipped with logrotate,
> man-db, etc.). What is the reason for choosing multi-user.target instead of
> timers.target?

It makes no sense to run these timers in rescue mode. They are supposed
to be run only during normal system operation, therefore they are
required by multi-user.target.

The timer's default dependencies however still require the timers to run
before timers.target.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/8079eb33/attachment.asc>

From drankinatty at suddenlinkmail.com  Wed Apr  2 16:10:39 2014
From: drankinatty at suddenlinkmail.com (David C. Rankin)
Date: Wed, 02 Apr 2014 15:10:39 -0500
Subject: [arch-general] Apache 2.4 - Pierre was right,
	a post on the front page is needed
Message-ID: <533C6EBF.7050708@suddenlinkmail.com>

All,

  The upgrade to apache 2.4 can present a real challenge for those relying on
mod_php, mod_ssl and vhosts. On 2/27 on Arch-dev, Pierre suggested: "Anyway, I
suggest in the end we should post an announcement on the front page." He was right.

  Having a few moments today to bring a production server up to date, I checked
www.archlinux.org for any current warnings about breakage or that user
interaction would be required for update. Finding none, I updated, and on reboot
Apache 2.4 was dead in the water. WTF?

  Searching I find the mpm_prefork issue, since my groupware (eGroupWare) relies
on mod_php. The mpm_prefork change seemed simple enough, but the server
continued to fail to start. The Order deny,allow statements were rejected,
numerous modules had been added/removed/renamed and httpd-ssl.conf and
httpd-vhosts.conf configs failed. An hour later, after config rewrites, httpd
came back to life, but will require additional study to confirm the new module
mix and groupware operation.

  Don't get me wrong, this isn't a complaint, you guys do a fantastic job
keeping arch on current release packages, but when updates to critical server
applications will break existing configurations, or require user interaction,
there should be a note on the front page of www.archlinux.org.

  This is simply to allow admins/users to adequately schedule time for an update
requiring intervention when it will differ from the standard update/reboot
scenario. What server packages should be considered critical? Any of the core
server apps (web: apache/php, mail, auth routines, ssl/tls, etc), that will
render a required part of a typical business server broken, it should be flagged.

  Thanks for the hard work, and so far, the sky hasn't fallen since the apache
2.4 update. Just don't get rid of mod_php, mod_fastcgi + php-fpm isn't a drop in
replacement in all cases.

-- 
David C. Rankin, J.D.,P.E.

From drankinatty at suddenlinkmail.com  Wed Apr  2 17:32:00 2014
From: drankinatty at suddenlinkmail.com (David C. Rankin)
Date: Wed, 02 Apr 2014 16:32:00 -0500
Subject: [arch-general] [arch-dev-public] Trimming down our default
 kernel configuration
In-Reply-To: <10823926.OKDNgsrcXp@fortune.local>
References: <533322DA.9000308@archlinux.org> <5334AB09.1000605@archlinux.org>
 <1735640.h2eutmvgLo@fortune.local> <10823926.OKDNgsrcXp@fortune.local>
Message-ID: <533C81D0.9080303@suddenlinkmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/28/2014 04:00 PM, Arthur ?i?eic? wrote:
> My conclusions so far: there's no difference between the stock -ARCH kernel 
> and my -NOLSM build in which I disabled all LSMs (and hence audit).
> 
> Note: the final test with 500000 files for the rotational disk isn't finished 
> yet because... really... I shaved twice during the HDD tests.
> 
> A side note regarding these tests: SSDs act according to their fame and HDDs 
> are as misleading as a daily horoscope.
> 
> I do plan to also test a no-debug but LSM enabled kernel even if it's just for 
> the sake of statistics.
> 
> ? https://dl.dropboxusercontent.com/u/29107946/linux-lsm/postmark-test.ods

Arthur,

  Thank you for taking the time to do these tests. At least this provides a bit
of real-world performance data to consider. Please provide a link to the
no-debug LSM enabled kernel data when you have shaved twice-more. I'll see if I
can make a graph or two from the postmark-test.ods file. (my arts & crafts
skills are a bit rusty, so no promises)

- -- 
David C. Rankin, J.D.,P.E.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlM8gc8ACgkQZMpuZ8CyrciWAgCePOf/0hN74giwdRUCpsHbUD5T
3iwAniygx5ouCZbna7VwpZMCaXbcPZKs
=3mLX
-----END PGP SIGNATURE-----

From neal.oakey at googlemail.com  Wed Apr  2 17:46:33 2014
From: neal.oakey at googlemail.com (Neal Oakey)
Date: Wed, 02 Apr 2014 23:46:33 +0200
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533C83B4.6090801@cacert.org>
References: <5339CD28.1030805@googlemail.com>
 <533BDC1A.1080600@googlemail.com> <533C00AA.7040602@gmail.com>
 <533C2D39.70306@googlemail.com> <533C32EC.3050906@gmail.com>
 <533C3BD2.9030302@cacert.org> <533C83B4.6090801@cacert.org>
Message-ID: <533C8539.6090403@googlemail.com>

Hi,

here you have some more detailed informations (see quote).

Greetings,
Neal

Am 02.04.2014 23:40, schrieb Benny Baumann:
> Hi,
>
> Am 02.04.2014 18:33, schrieb Neal Oakey:
>> mit freundlichen Gruessen / best regards
>> Neal Thomas Oakey
>> CAcert Assurer, CAcert Event Organisation
>> CAcert.org - Free Certificates
>> E-Mail: neal at cacert.org 
>>
>> Am 02.04.2014 17:55, schrieb Daniel Micay:
>>> On 02/04/14 11:31 AM, Neal Oakey wrote:
>>>> Hi,
>>>>
>>>> well until now all of this wasn't a problem, so why has it now become one?
>>> It's becoming clearer that CAcert isn't going to be passing a third
>>> party audit any time soon. Our only view into it is the open-source code
> We are lacking man-power to work on solving the issues found by the
> currently running audit. Details at
> https://blog.cacert.org/2014/03/cacert-appoints-internal-auditor/
>>> they've made available, and messy wiki documentation. The quality of the
> Anybody is free to help clean it up ...
>>> code is not exactly comforting - whoever wrote most of it didn't seem to
>>> be aware of prepared statements...
> Which were not available when most of the code was written. And changing
> the code now - which is being worked on (cf. bug #1260) will take time
> and draw manpower from other places.
>>>> And well if you have a look at startssl, well they may be offering free
>>>> certs but only single domain and just use the plain "things".
>>>>
>>>>   * It doesn't allow commercial usage
>>>>   * "only" valid for 1 year
>>> A CAcert certificate isn't trusted in most major browsers or operating
>>> systems, regardless of whether Arch ships it. That's a bigger
> StartSSL isn't any safer just because most browsers ship them. And given
> their history (3 days from founding to entering the browser stores -
> you're kidding me, right)?
>
> And based on their crypto profile on the website (what their server
> offers) you won't gain any confidence either.
>>> inconvenience and makes it quite useless for commercial usage. This
> Oh, funny. I know first hand that Allianz insurance and Edigas
> consortium accept CAcert as advanced signatures and thus for legally
> signing your business mails. Not to mention all the other businesses
> using CAcert:
> https://blog.cacert.org/2013/07/natural-gas-industry-accepts-cacert-gas-industrie-setzt-auf-cacert/
> http://rootca.allianz.com/en/secumail_calist.htm
> http://wiki.cacert.org/OrganisationAssurance/OrganisationList?highlight=%28CategoryOrganisationAssurance%29
>
> Doesn't look like it for me ... ;-)
>>> isn't the only example of a free TLS certificate anyway.
> Free beer vs. free speech ...
>>>>   * located in Israel (don't know if this should be good or bad)
>>> CAcert is located in Australia. Both are US allies and cooperate with US
>>> spying, if your point has something to do with the NSA. It's not like
>>> Australia doesn't have an active spy agency.
> Funny. Isn't like Israel is any safer from spying. Not to mention the US
> where Verisign, GoDaddy, GeoTrust, ... and many other big players reside.
>
> Furthermore you should note that there is a motion which was passed
> recently by CAcert Inc.'s board to move the incorperation to another
> country. Which doesn't change the fact that even now the root keys are
> neither in the US nor in Australia - both information which CAN be found
> on the CAcert wiki:
> http://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20140112?highlight=(\bCategoryBoardMinutes\b)
> And the whereabouts of the keys can be found by looking at the
> documentation of the infrastructure systems.
>>>> There maybe still quite a few things that have to be worked on at CAcert
>>>> but still I currently would say,
>>>> that I rather trust CAcert signed certs than any other.
> Which I currently do on all my systems; all other certificates are handled TOFU.
>
>>> You're free to add it if you trust them. Debian and Mozilla don't trust
>>> them, and Pierre has made it clear that he's not in a position to vouch
>>> for them either.
> Debian removed them based on arguments sufficient to clear half of the
> Mozilla store. Not to mention that the "there might be bugs in their
> software" argument would cause the Mozilla store to be empty - some
> outcome I'd really prefer to see as it'd be the ONLY honest one.
>>>> I mean look at all this fuckup that these firms are doing:
>>>>
>>>> ... some have been removed already:
>>>>
>>>>   * Revoking Trust in one ANSSI Certificate (*.google.com)
>>>>   * Revoking Trust in Two TurkTrust Certificates (*.google.com)
>>>>   * Revoking Trust in DigiCert Sdn. Bhd Intermediate Certificate
>>>>     Authority (week certs)
>>>>   * Fraudulent *.google.com Certificate ... => DigiNotar Removal Follow Up
>>>>   * Firefox Blocking Fraudulent Certificates ... => Comodo Certificate
>>>>     Issue -- Follow Up
>>>>
>>>> ... but I still see many problems:
>>>>
>>>>   * Chromium still has (all|many) of the cert, which I listed above
>>>>   * still including many 1024 bit keys! (*1)
>>>>   * to many CAs have issued other RootCA (like for e.g.: Tekecom > DFN >
>>>>     every fucking university in Germany (*2))
>>>>   * and how far we still can trust CAs from America, where the NSA seams
>>>>     to be fiddling around in the security of all important firms, I
>>>>     can't really say
>>> The US government is far from the only country with spy agencies. The CA
>>> system won't protect you from national governments, but it does a pretty
>>> good job providing protection from other entities. A certificate
>>> authority like CAcert without even a minimum level of security or
>>> auditing in place is a liability when it comes to this.
> Having a set of CAs known for having issued fake certificates aren't
> much better either - even IF they happen to have found somebody signing
> them credibility on some piece of paper.
>>> Chromium no longer relies on the CA system for Google domains at all, it
>>> simply pins the certificates instead. See
> Which simply doesn't scale.
>>> http://www.certificate-transparency.org/ for an example of the work
>>> that's been done on to the CA system. It's a technical solution with
>>> Google's political capital behind it. A CA not implementing it will have
>>> EV (shiny green bar) revoked, and this happens to be a major source of
>>> revenue for them.
> $$$
>
> And idea is, that CAcert will be implementing something like this too.
> Given enough manpower things would be drastically faster though.
>>>> *1:
>>>>> /usr/share/ca-certificates/mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt: 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Equifax_Secure_eBusiness_CA_1.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Equifax_Secure_Global_eBusiness_CA.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/NetLock_Business_=Class_B=_Root.crt: 1024
>>>>> bit
>>>>> /usr/share/ca-certificates/mozilla/NetLock_Express_=Class_C=_Root.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Thawte_Premium_Server_CA.crt: 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Thawte_Server_CA.crt: 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt:
>>>>> 1024 bit
>>>>> /usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt:
>>>>> 1024 bit
>>>> *2:
>>>> if you ask me, this is just waiting for miss usage, as every university
>>>> (or person which could get access to there CAs) in Germany could issue a
>>>> cert for [your-bank.com]
>>> Trusting CAcert in addition to these certificate authorities will not
>>> improve the situation. At least these certificate authorities are
>>> competent enough to pass third party audits.
> Given how most IT departments in German universities are chronically
> under-funded I doubt signing you some certificate would cost too much
> ... And be it that on of the 64k SANs on the CSR accidentially works for
> some banking website ... how unfortunate. Most IT departments lack the
> practicl knowledge of how to securely operate a CA and given the high
> number of apprentices I really doubt you have to search for too long to
> get such a CSR signed.
>
> Regards,
> BenBE.
>


From drankinatty at suddenlinkmail.com  Wed Apr  2 17:56:09 2014
From: drankinatty at suddenlinkmail.com (David C. Rankin)
Date: Wed, 02 Apr 2014 16:56:09 -0500
Subject: [arch-general] [arch-dev-public] Trimming down our default
 kernel configuration
In-Reply-To: <465312858.AyJRoTRvWp@fortune.local>
References: <533322DA.9000308@archlinux.org>
 <465312858.AyJRoTRvWp@fortune.local>
Message-ID: <533C8779.1070005@suddenlinkmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/27/2014 09:45 AM, Arthur ?i?eic? wrote:
> ?n ziua de Miercuri 26 Martie 2014, la 19:56:26, Thomas B?chler a scris:
>> I want to trim our kernel down to what we actually support.
> 
>> 1) Once we agreed to disable one LSM, everyone else said "we can enable
>> LSM XYZ, too". And so we did. Right now, we enable SELinux, SMACK,
>> Tomoyo, AppArmor and Yama, although we don't support the userspace for
>> any of those.
> 
> My opinion on this is that the kernel should be the ground on which userspace 
> should always work.
> 
> Features should be taken out with bug reports demonstrating breakage in 
> general usage, slowdowns or security risks.
> 
> Another important point of view should be the maintenance required to support 
> these seldom used features and I have nothing to comment on this.
> 
> Specifically regarding slowdowns, my layman opinion on this is that they are 
> meaningless in the general usage of the -ARCH kernel. 
> 
> If taking out theoretically useful features out of the kernel means that in 
> the end we gain 2 Mb of free memory or Apache is able to sustain 10500 
> connections instead of 10000 I personally don't see it as good bargain.
> 
> Building a personal or an AUR linux package is easy. Maintaining one is a lot 
> harder. The most important thing that is lost in this process is the community 
> support. One cannot compare the scrutiny and the testing of any AUR linux 
> package with those of the -ARCH kernel.
> 
> That being said I'd like to read and help test a before and after kernel in 
> regards to performance or any other concerning factor.
> 

First, +1 for the response.

Second, after reading this entire thread, I think it comes down to this:

  If maintaining the current config with SELinux, SMACK, etc.. support is a
significant part of maintaining the kernel package for TB, then that is the
argument for ditching it. If you are spending 30% of kernel package maintenance
time of this stuff for the benefit of a few users, then it makes sense to drop
it and let whoever uses it maintain that config, and possibly add an EXTRA/AUR
linux-SELinux-kernel-config.tar.xz package (and -SMACK, -LSM) to make that
config available so that every user who wants to build the kernel with that
support does not have to reinvent the wheel for each rebuild.

  I do not know what level of effort is involved in maintaining that config, but
if doing so requires significant effort, that effort should be borne by those
making use of it and not TB.

  If removal is needed due to claimed performance issues, then it takes
test-case evidence to support that. Otherwise, the reasoning is no better than
search location for MH370.

  I support TB's effort to trim down the config, but if providing the current
options is no-cost from a maintenance, security or performance standpoint, then
there is no reason not to provide the capability in the kernel.

  I think this discussion is well worth the effort to identify what in the
current config has a cost (in maintenance, security or performance) that
outweighs the benefit the feature provides. Those are the parts of the config
that should be trimmed and moved to user-maintenance.

- -- 
David C. Rankin, J.D.,P.E.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlM8h3gACgkQZMpuZ8CyrcjpLwCeNR/NE6ya1KekdtzdgaiCRJY6
BoEAn23SlMmF6DiicHjTlK/h50ApV5WV
=aHYI
-----END PGP SIGNATURE-----

From drankinatty at suddenlinkmail.com  Wed Apr  2 18:10:59 2014
From: drankinatty at suddenlinkmail.com (David C. Rankin)
Date: Wed, 02 Apr 2014 17:10:59 -0500
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533BDC1A.1080600@googlemail.com>
References: <5339CD28.1030805@googlemail.com> <533BDC1A.1080600@googlemail.com>
Message-ID: <533C8AF3.8000902@suddenlinkmail.com>

On 04/02/2014 04:44 AM, Neal Oakey wrote:
> What do you think? Imho we should keep follow Debian here. Other
>> solutions would be to patch it back in or ship a separate optional
>> package; though that might be impossible for nss.
>>
>> Greetings,
>>
>> Pierre
>>

I usually agree with Pierre, but in this case "Why would we just want to follow
Deb?" Why not continue to provide CAcert with the info in this thread provided
as a proviso. No authority is perfect and dropping CAcert seems like a knee-jerk
response that accomplishes little for Arch or the users.

What would replace that dependency for curl and qt4, or would the functionality
just be lost?

-- 
David C. Rankin, J.D.,P.E.

From kyle at gmx.ca  Wed Apr  2 18:12:22 2014
From: kyle at gmx.ca (Kyle)
Date: Wed, 02 Apr 2014 18:12:22 -0400
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533C8539.6090403@googlemail.com>
References: <5339CD28.1030805@googlemail.com>
 <533BDC1A.1080600@googlemail.com> <533C00AA.7040602@gmail.com>
 <533C2D39.70306@googlemail.com> <533C32EC.3050906@gmail.com>
 <533C3BD2.9030302@cacert.org> <533C83B4.6090801@cacert.org>
 <533C8539.6090403@googlemail.com>
Message-ID: <533C8B46.6080404@gmx.ca>

I really do hope the manpower becomes available to complete the code
cleanup and other things necessary to bring CAcert into the major
browsers and back into the Arch certificate bundle. From looking at the
options, CAcert is, as far as I know, the only truly free certificate
authority available anywhere. By free, I don't just mean cost; I am
actually referring to freedom. Free software, free website, free
certificate. Or better said, freedom software, freedom website, freedom
certificate. The currency-based trust model of most certificate
authorities never should have been allowed to happen on a free and open
internet, meaning that I should be able to trust my connection to my
bank because enough people verified that my bank's certificate can be
trusted, not just because my bank paid enough money for another
corporation to deem them trustworthy. That said, there are some
technical changes required to make CAcert work better and to make it
more secure. Unfortunately, although I do hand-code most of my websites,
I wouldn't feel comfortable messing around in CAcert's code, as I really
only do basic stuff for the most part. I could certainly try my hand at
cleaning up some stuff in the wiki though. At this point, I'll probably
be keeping the CAcert certificates I have, and will tell people to
import their root certificate in order to trust my websites that need
HTTPS, especially since CAcert is the only organization I'm aware of
that will allow me to issue certificates for multiple domains running on
the same VPS with a single IP address, which apparently, StartSSL can't do.
~Kyle
http://kyle.tk/
-- 
"Kyle? ... She calls her cake, Kyle?"
Out of This World, season 2 episode 21 - "The Amazing Evie"

From danielmicay at gmail.com  Wed Apr  2 18:31:23 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Wed, 02 Apr 2014 18:31:23 -0400
Subject: [arch-general] [arch-dev-public] CAcert dropped from
 certificate bundle
In-Reply-To: <533C8AF3.8000902@suddenlinkmail.com>
References: <5339CD28.1030805@googlemail.com>
 <533BDC1A.1080600@googlemail.com> <533C8AF3.8000902@suddenlinkmail.com>
Message-ID: <533C8FBB.5020404@gmail.com>

On 02/04/14 06:10 PM, David C. Rankin wrote:
> On 04/02/2014 04:44 AM, Neal Oakey wrote:
>> What do you think? Imho we should keep follow Debian here. Other
>>> solutions would be to patch it back in or ship a separate optional
>>> package; though that might be impossible for nss.
>>>
>>> Greetings,
>>>
>>> Pierre
>>>
> 
> I usually agree with Pierre, but in this case "Why would we just want to follow
> Deb?" Why not continue to provide CAcert with the info in this thread provided
> as a proviso. No authority is perfect and dropping CAcert seems like a knee-jerk
> response that accomplishes little for Arch or the users.

If CAcert is hacked due to sloppy coding, then Arch users would all be
vulnerable to man-in-the-middle attacks using certificates signed by the
stolen private key. The certificate authority system is far from
perfect, but the ones Mozilla includes need to perform regular audits,
etc. CAcert doesn't meet their standards.

> What would replace that dependency for curl and qt4, or would the functionality
> just be lost?

ca-certificates provides the trusted certificate authorities, and it is
now simply shipping the upstream Mozilla certificate authorities. CAcert
was just one of the certificate authorities, and *not* one of the ones
trusted by Mozilla. Debian/Mozilla are the upstream here, and neither
wants to include CAcert.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/684ee92f/attachment-0001.asc>

From danielmicay at gmail.com  Wed Apr  2 18:50:14 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Wed, 02 Apr 2014 18:50:14 -0400
Subject: [arch-general] [arch-dev-public] Trimming down our default
 kernel configuration
In-Reply-To: <533C8779.1070005@suddenlinkmail.com>
References: <533322DA.9000308@archlinux.org>
 <465312858.AyJRoTRvWp@fortune.local> <533C8779.1070005@suddenlinkmail.com>
Message-ID: <533C9426.5000208@gmail.com>

The audit support required by these can't be compiled in without it
being enabled. It's useless crap for anyone who isn't working for a
bureaucracy and it spams the logs. It is also completely broken with
namespaces, so it doesn't work at all with containers or application
sandboxes.

If and when this stuff can be built as *modules* with no impact on
people not making use of it and someone is willing to maintain the
userspace support in the official repositories, then enabling it may
make sense.

Until then, you can use any sane LSM module without recompiling the
kernel by building just the module you plan on using and loading it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140402/e857572d/attachment.asc>

From markotahal at gmail.com  Thu Apr  3 05:22:10 2014
From: markotahal at gmail.com (Marek Otahal)
Date: Thu, 3 Apr 2014 11:22:10 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
Message-ID: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>

Hello,

I've lost content of /var, other partitions are ok, so system somewhat
boots up (to recovery mode).
What is the less pain method to get it again up and running? The problem I
see are pacman list of installed packages? Any other notes on what
important things could be missing?

Thank you very much for any help,
Mark

PS: no backups :-/

-- 
Marek Otahal :o)

From adys.wh at gmail.com  Thu Apr  3 05:26:17 2014
From: adys.wh at gmail.com (Jerome Leclanche)
Date: Thu, 3 Apr 2014 10:26:17 +0100
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
Message-ID: <CAFd36Bj9beuzzGdwLvFUSmDYNV36ZpG9PdFZnh6AJvV4h0Gksg@mail.gmail.com>

In a slim install, you're unlikely to have lost much due to the nature
of /var (only variable data, aka no "installed files"). If you had a
database on disk you did lose that, eg postgres. Also firewall rules
and all logs.

Try pacman -Ql | grep /var to see what owns stuff in there.
J. Leclanche


On Thu, Apr 3, 2014 at 10:22 AM, Marek Otahal <markotahal at gmail.com> wrote:
> Hello,
>
> I've lost content of /var, other partitions are ok, so system somewhat
> boots up (to recovery mode).
> What is the less pain method to get it again up and running? The problem I
> see are pacman list of installed packages? Any other notes on what
> important things could be missing?
>
> Thank you very much for any help,
> Mark
>
> PS: no backups :-/
>
> --
> Marek Otahal :o)

From mysatyre at gmail.com  Thu Apr  3 05:28:29 2014
From: mysatyre at gmail.com (=?UTF-8?Q?Martti_K=C3=BChne?=)
Date: Thu, 3 Apr 2014 11:28:29 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
Message-ID: <CAONKL1CJB8hEBGASeqTmsMx7O8Y4P+ORSc1nh8g+RCbXThEB7Q@mail.gmail.com>

Or better, check with the command that tests all packages' files for presence.

# pacman -Qk | grep -v '0 missing files'

cheers!
mar77i

From jeff.rollin at gmail.com  Thu Apr  3 05:38:55 2014
From: jeff.rollin at gmail.com (Jeff Daniel Rollin-Jones)
Date: Thu, 3 Apr 2014 10:38:55 +0100
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <CAONKL1CJB8hEBGASeqTmsMx7O8Y4P+ORSc1nh8g+RCbXThEB7Q@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <CAONKL1CJB8hEBGASeqTmsMx7O8Y4P+ORSc1nh8g+RCbXThEB7Q@mail.gmail.com>
Message-ID: <5598550E-6BB0-41D0-828F-F175E43FFF99@gmail.com>

It might actually be easier to reinstall than to go through "pacmanning" everything that's been lost, individually.

Sent from my iPhone

> On 3 Apr 2014, at 10:28, Martti K?hne <mysatyre at gmail.com> wrote:
> 
> Or better, check with the command that tests all packages' files for presence.
> 
> # pacman -Qk | grep -v '0 missing files'
> 
> cheers!
> mar77i

From mysatyre at gmail.com  Thu Apr  3 05:43:07 2014
From: mysatyre at gmail.com (=?UTF-8?Q?Martti_K=C3=BChne?=)
Date: Thu, 3 Apr 2014 11:43:07 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <5598550E-6BB0-41D0-828F-F175E43FFF99@gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <CAONKL1CJB8hEBGASeqTmsMx7O8Y4P+ORSc1nh8g+RCbXThEB7Q@mail.gmail.com>
 <5598550E-6BB0-41D0-828F-F175E43FFF99@gmail.com>
Message-ID: <CAONKL1BR3sT2WXy_XJLJxZ=oUP_5TRp=93aYF+A7jPoZjbYBTQ@mail.gmail.com>

On Thu, Apr 3, 2014 at 11:38 AM, Jeff Daniel Rollin-Jones
<jeff.rollin at gmail.com> wrote:
> It might actually be easier to reinstall than to go through "pacmanning" everything that's been lost, individually.
>


Do you mean `pacman -S $(pacman -Qq)`?

cheers!
mar77i

From thomas at archlinux.org  Thu Apr  3 05:43:46 2014
From: thomas at archlinux.org (=?ISO-8859-15?Q?Thomas_B=E4chler?=)
Date: Thu, 03 Apr 2014 11:43:46 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <CAONKL1CJB8hEBGASeqTmsMx7O8Y4P+ORSc1nh8g+RCbXThEB7Q@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <CAONKL1CJB8hEBGASeqTmsMx7O8Y4P+ORSc1nh8g+RCbXThEB7Q@mail.gmail.com>
Message-ID: <533D2D52.9000303@archlinux.org>

Am 03.04.2014 11:28, schrieb Martti K?hne:
> Or better, check with the command that tests all packages' files for presence.
> 
> # pacman -Qk | grep -v '0 missing files'

LOL. Where do you think that information is stored? I'll give you a
subtle hint: It's /var.

OP is basically screwed. There is no easy way to get his stuff back into
working order. There is not even an easy way to determine which packages
have been installed.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140403/2f751ed5/attachment.asc>

From mysatyre at gmail.com  Thu Apr  3 05:50:23 2014
From: mysatyre at gmail.com (=?UTF-8?Q?Martti_K=C3=BChne?=)
Date: Thu, 3 Apr 2014 11:50:23 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <533D2D52.9000303@archlinux.org>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <CAONKL1CJB8hEBGASeqTmsMx7O8Y4P+ORSc1nh8g+RCbXThEB7Q@mail.gmail.com>
 <533D2D52.9000303@archlinux.org>
Message-ID: <CAONKL1Dtt0D_E0N+xGTQQ+ra5xqz3TWnxvNeCcDS5he54zi94w@mail.gmail.com>

On Thu, Apr 3, 2014 at 11:43 AM, Thomas B?chler <thomas at archlinux.org> wrote:
> Am 03.04.2014 11:28, schrieb Martti K?hne:
>> Or better, check with the command that tests all packages' files for presence.
>>
>> # pacman -Qk | grep -v '0 missing files'
>
> LOL. Where do you think that information is stored? I'll give you a
> subtle hint: It's /var.
>


Now that you mention it... okay.jpg

cheers!
mar77i

From magnus at therning.org  Thu Apr  3 07:25:19 2014
From: magnus at therning.org (Magnus Therning)
Date: Thu, 3 Apr 2014 13:25:19 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <533C362C.3080207@progandy.de>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan> <533C362C.3080207@progandy.de>
Message-ID: <CAAExw5t6-oi_0YCrtV1nrQscwKM5GsQMvuOaCf0RbFhLMBVKRQ@mail.gmail.com>

On Wed, Apr 2, 2014 at 6:09 PM, ProgAndy <admin at progandy.de> wrote:
> There may be a transparent proxy in your routing chain that strips
> compression in order to run a virus scan.
> The server sends these headers for haskell-core.db
> ( curl -I http://xsounds.org/~haskell/core/x86_64/haskell-core.db )
>
>     Content-Type: application/x-tar
>     Content-Encoding: x-gzip
>
> It might work as expected without a Content-Encoding header:
>
> Content-Type: application/x-gzip

Yes, you are probably right.  I just didn't think anyone would
actually configure a proxy to deliver the un-gzipped result to the
client.  That sounds like a way to break all kinds of things!

I'll ask around here to see if this is the case.

I don't have direct control over the server where the repo is, but I
might be able to convince the admins that it's a bad idea to put
Content-Encoding into reponses.

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

From lists at sapience.com  Thu Apr  3 09:05:13 2014
From: lists at sapience.com (Genes Lists)
Date: Thu, 03 Apr 2014 09:05:13 -0400
Subject: [arch-general] [arch-dev-public] Linux 3.14 in [testing]
In-Reply-To: <533D1764.2030306@archlinux.org>
References: <533B3B95.60604@archlinux.org>
 <CAA407mw9+hXmuPCWEJPozCYEhSw7SN_0yYjGhbPAZz4Anz39cQ@mail.gmail.com>
 <533D1764.2030306@archlinux.org>
Message-ID: <533D5C89.2040704@sapience.com>

On 04/03/2014 04:10 AM, Thomas B?chler wrote:
> Am 03.04.2014 05:24, schrieb Evangelos Foutras:
...
>>
>> Has anyone else experienced hangs in Firefox with the latest kernel?
>
> None that I can remember.
>
>
I use firefox only lightly - however I too have not noticed any problems 
with 3.14 from rc1 through release.

From danielmicay at gmail.com  Thu Apr  3 12:12:52 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Thu, 03 Apr 2014 12:12:52 -0400
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
Message-ID: <533D8884.5040504@gmail.com>

On 03/04/14 05:22 AM, Marek Otahal wrote:
> Hello,
> 
> I've lost content of /var, other partitions are ok, so system somewhat
> boots up (to recovery mode).
> What is the less pain method to get it again up and running? The problem I
> see are pacman list of installed packages? Any other notes on what
> important things could be missing?
> 
> Thank you very much for any help,
> Mark
> 
> PS: no backups :-/

You can install a fresh install on top of the old install by using
`pacstrap`. I would boot up a live cd, move /etc to /etc_old, then
remove all other top levels directories other than /home, and install
again with pacstrap. The pacman database was in /var so there's little
point in trying to reinstall the same packages, and it doesn't seem very
important anyway - you'll remember what you used when it's missing, and
it's trivial to install it again.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140403/1b2efc93/attachment.asc>

From eduardo.machado at gmail.com  Thu Apr  3 13:07:16 2014
From: eduardo.machado at gmail.com (Eduardo Machado)
Date: Thu, 3 Apr 2014 14:07:16 -0300
Subject: [arch-general] Apache 2.4 - Pierre was right,
 a post on the front page is needed
In-Reply-To: <533C6EBF.7050708@suddenlinkmail.com>
References: <533C6EBF.7050708@suddenlinkmail.com>
Message-ID: <CAKXVDZc7MWieaz+d3xJc50kcVov04uGc+-GRs7s8Oxf_UKTjMA@mail.gmail.com>

2014-04-02 17:10 GMT-03:00 David C. Rankin <drankinatty at suddenlinkmail.com>:

>
>   Thanks for the hard work, and so far, the sky hasn't fallen since the
> apache
> 2.4 update. Just don't get rid of mod_php, mod_fastcgi + php-fpm isn't a
> drop in
> replacement in all cases.
>

I am planning to publish a mod_php (php-zts) compatible with apache 2.4
threaded mpm. I will publish it in AUR after a few more tests.

I wish to contribute for the exactly same reason, the php-fpm isn't a drop
in replacement. In my case, it will increase my work on configuration and
maintenance.

From enwukaer at gmail.com  Thu Apr  3 13:36:53 2014
From: enwukaer at gmail.com (Nowaker)
Date: Thu, 03 Apr 2014 19:36:53 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <533D8884.5040504@gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <533D8884.5040504@gmail.com>
Message-ID: <533D9C35.5090702@gmail.com>

> The pacman database was in /var so there's little point in trying to reinstall the same packages

What about software updates, security fixes, etc? ;-)

> What is the less pain method to get it again up and running? The problem I
> see are pacman list of installed packages?

Although you don't know what packaged you had (/var lost), you may use 
/usr/bin/pkgfile to determine what package a file belongs to, e.g.

% pkgfile /usr/lib/liblink-grammar.so
extra/link-grammar

Run this across all the files in /usr, /etc and others, and you have a 
list of the packages that need to be installed again.

Note: you need pkgfile, which means you need it from pacman, which means 
you need to pacstrap. Daniel wrote how to do it.

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From danielmicay at gmail.com  Thu Apr  3 13:57:05 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Thu, 03 Apr 2014 13:57:05 -0400
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <533D9C35.5090702@gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <533D8884.5040504@gmail.com> <533D9C35.5090702@gmail.com>
Message-ID: <533DA0F1.9020205@gmail.com>

On 03/04/14 01:36 PM, Nowaker wrote:
>> The pacman database was in /var so there's little point in trying to
>> reinstall the same packages
> 
> What about software updates, security fixes, etc? ;-)

Which is why I'm suggesting a reinstall with pacstrap.

>> What is the less pain method to get it again up and running? The
>> problem I
>> see are pacman list of installed packages?
> 
> Although you don't know what packaged you had (/var lost), you may use
> /usr/bin/pkgfile to determine what package a file belongs to, e.g.
> 
> % pkgfile /usr/lib/liblink-grammar.so
> extra/link-grammar
> 
> Run this across all the files in /usr, /etc and others, and you have a
> list of the packages that need to be installed again.

You won't have a list of which ones are explicit vs. implicit though.
IMO there's not much harm in simply reinstalling base along with the
packages are actually wanted. If nothing else, it's an involuntary
spring cleaning.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140403/6ebddf9a/attachment.asc>

From l.jirkovsky at gmail.com  Thu Apr  3 15:12:28 2014
From: l.jirkovsky at gmail.com (Lukas Jirkovsky)
Date: Thu, 3 Apr 2014 21:12:28 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
Message-ID: <CAFa9FQt98O3fhfh5JJJhKfojeOwOX4M9MWLjFN+6xEkyDnARrw@mail.gmail.com>

On Thu, Apr 3, 2014 at 11:22 AM, Marek Otahal <markotahal at gmail.com> wrote:
> Hello,
>
> I've lost content of /var, other partitions are ok, so system somewhat
> boots up (to recovery mode).
> What is the less pain method to get it again up and running? The problem I
> see are pacman list of installed packages? Any other notes on what
> important things could be missing?
>
> Thank you very much for any help,
> Mark
>
> PS: no backups :-/
>
> --
> Marek Otahal :o)

If you have enough time, I would try using pkgfile to recover the
installed packages. I thing something like this should suffice:
# update the pkgfile database
pkgfile -u
# find the package names for all binaries
find /usr/bin -type f -exec pkgfile '{}' ';' | uniq

I assume that the libs would be installed as depends for the programs
that has a binary in /usr/bin

Lukas

From magnus at therning.org  Thu Apr  3 16:07:13 2014
From: magnus at therning.org (Magnus Therning)
Date: Thu, 3 Apr 2014 22:07:13 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <CAAExw5t6-oi_0YCrtV1nrQscwKM5GsQMvuOaCf0RbFhLMBVKRQ@mail.gmail.com>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan> <533C362C.3080207@progandy.de>
 <CAAExw5t6-oi_0YCrtV1nrQscwKM5GsQMvuOaCf0RbFhLMBVKRQ@mail.gmail.com>
Message-ID: <20140403200713.GB3050@tatooine.lan>

On Thu, Apr 03, 2014 at 01:25:19PM +0200, Magnus Therning wrote:
> On Wed, Apr 2, 2014 at 6:09 PM, ProgAndy <admin at progandy.de> wrote:
> > There may be a transparent proxy in your routing chain that strips
> > compression in order to run a virus scan.
> > The server sends these headers for haskell-core.db
> > ( curl -I http://xsounds.org/~haskell/core/x86_64/haskell-core.db )
> >
> >     Content-Type: application/x-tar
> >     Content-Encoding: x-gzip
> >
> > It might work as expected without a Content-Encoding header:
> >
> > Content-Type: application/x-gzip
> 
> Yes, you are probably right.  I just didn't think anyone would
> actually configure a proxy to deliver the un-gzipped result to the
> client.  That sounds like a way to break all kinds of things!
> 
> I'll ask around here to see if this is the case.
> 
> I don't have direct control over the server where the repo is, but I
> might be able to convince the admins that it's a bad idea to put
> Content-Encoding into reponses.

Now after an upgrade of Apache by the administrator the
Content-Encoding header is gone.  Also I found out that there is a
possibility to control mime types via .htaccess files.  I put the
following into one

  AddTypw application/octet-stream .gz

and now the Content-Type is modified too.  Hopefully that'll fix it,
but I'll have to test when I get to work tomorrow.

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4 
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

Heuristic is an algorithm in a clown suit. It?s less predictable, it?s more
fun, and it comes without a 30-day, money-back guarantee.
     -- Steve McConnell, Code Complete 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140403/67c83a5c/attachment-0001.asc>

From magnus at therning.org  Thu Apr  3 16:17:27 2014
From: magnus at therning.org (Magnus Therning)
Date: Thu, 3 Apr 2014 22:17:27 +0200
Subject: [arch-general] pacman-key complaining, but what to do about it?
In-Reply-To: <533C4210.1070301@gmail.com>
References: <CAAExw5vAT=wNE90ydgXMRmCCdPrM-_nw2q5KbWwNFHWup0APnw@mail.gmail.com>
 <CAAExw5uRJySx=uyU4j=xpb+q1qH2qRfByb9REacQMQBWWU=jHA@mail.gmail.com>
 <20140402155640.GA1166@tatooine.lan> <533C362C.3080207@progandy.de>
 <533C3F38.6010402@gmail.com> <533C4210.1070301@gmail.com>
Message-ID: <20140403201727.GC3050@tatooine.lan>

On Wed, Apr 02, 2014 at 01:00:00PM -0400, Daniel Micay wrote:
> On 02/04/14 12:47 PM, Nowaker wrote:
> >> There may be a transparent proxy in your routing chain that strips
> >> compression in order to run a virus scan.
> > 
> > Time for SSL-securing Arch Linux repos to prevent any sort of
> > man-in-the-middle attacks? Even such trivial things like compression
> > stripping, or image optimization often performed by mobile internet
> > providers is a man-in-the-middle. This should be fought by any means.
> 
> Packages are already signed, and pacman has support for signing the
> repositories. Using TLS for repositories is close to useless because the

Well, if there's something on the path from repo to client that
re-writes downloads, then pacman's support for signing repos isn't
worth very much when it comes to achieving my end goal.  Sure, I'm
alerted to the fact that the packages I receive are modified, but it
doesn't help me updating my system.  Something would be needed that
throws a spanner in the works of the entity that modifies my
downloads; SSL would do that.  Maybe there are other ways of achieving
the same goal.

> mirrors are not *really* trusted entities, and the CA system is a broken
> alternative to the solid archlinux-keyring package.

The trust sits in the signing of repos, which means there is no need
for trust in the transport layer in this particular scenario; in other
words, it's irrelevant that mirrors are untrusted and it's equally
irrelevant that the CA system is broken ;)

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4 
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

Most software today is very much like an Egyptian pyramid with
millions of bricks piled on top of each other, with no structural
integrity, but just done by brute force and thousands of slaves.
     -- Alan Kay
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140403/8c88314c/attachment.asc>

From kiotoze at gmail.com  Thu Apr  3 16:20:06 2014
From: kiotoze at gmail.com (Kiotoze)
Date: Thu, 03 Apr 2014 23:20:06 +0300
Subject: [arch-general] Apache 2.4 - Pierre was right,
 a post on the front page is needed
In-Reply-To: <533C6EBF.7050708@suddenlinkmail.com>
References: <533C6EBF.7050708@suddenlinkmail.com>
Message-ID: <533DC276.5040701@gmail.com>


On 04/02/2014 11:10 PM, David C. Rankin wrote:
>    Having a few moments today to bring a production server up to date, I checked
> www.archlinux.org for any current warnings about breakage or that user
> interaction would be required for update. Finding none, I updated, and on reboot
> Apache 2.4 was dead in the water. WTF?
Was in the same situation few weeks ago :( The information about 
possible breakage and quick fix definitely should be posted on archlinux 
to notice all other users to prevent downtime

From arthur at psw.ro  Thu Apr  3 18:41:32 2014
From: arthur at psw.ro (Arthur =?utf-8?B?yJppyJtlaWPEgw==?=)
Date: Fri, 04 Apr 2014 01:41:32 +0300
Subject: [arch-general] [arch-dev-public] Trimming down our default
	kernel configuration
In-Reply-To: <533C9426.5000208@gmail.com>
References: <533322DA.9000308@archlinux.org>
 <533C8779.1070005@suddenlinkmail.com> <533C9426.5000208@gmail.com>
Message-ID: <2819048.EZ5GGakvQ2@fortune.local>

?n ziua de Mie 02 Apr 2014, la 18:50:14, Daniel Micay a scris:
> Until then, you can use any sane LSM module without recompiling the
> kernel by building just the module you plan on using and loading it.

I'm no kernel hacker by any means but AFAIK the LSM framework is still there 
with CONFIG_SECURITY, it's just the modules that are missing.

In the end the trimming guys gain nothing because the the security "bloat" 
(the LSM framework) is still in the kernel and the security guys lost the 
modules. Did I get anything wrong?

-- 
Arthur ?i?eic?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140404/c871b4cf/attachment.asc>

From danielmicay at gmail.com  Thu Apr  3 19:15:03 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Thu, 03 Apr 2014 19:15:03 -0400
Subject: [arch-general] [arch-dev-public] Trimming down our default
 kernel configuration
In-Reply-To: <2819048.EZ5GGakvQ2@fortune.local>
References: <533322DA.9000308@archlinux.org>
 <533C8779.1070005@suddenlinkmail.com> <533C9426.5000208@gmail.com>
 <2819048.EZ5GGakvQ2@fortune.local>
Message-ID: <533DEB77.5050900@gmail.com>

On 03/04/14 06:41 PM, Arthur ?i?eic? wrote:
> ?n ziua de Mie 02 Apr 2014, la 18:50:14, Daniel Micay a scris:
>> Until then, you can use any sane LSM module without recompiling the
>> kernel by building just the module you plan on using and loading it.
> 
> I'm no kernel hacker by any means but AFAIK the LSM framework is still there 
> with CONFIG_SECURITY, it's just the modules that are missing.

The LSM support is still there due to Yama. It would be great if support
for `ptrace_scope` was simply included in the core kernel.

Since the `protected_symlinks` and `protected_hardlinks` switches
landed, I think there's a good chance of something like this ending up
there too.

> In the end the trimming guys gain nothing because the the security "bloat" 
> (the LSM framework) is still in the kernel and the security guys lost the 
> modules. Did I get anything wrong?

Yes, you've got it wrong. The kernel logs are no longer being spammed by
useless audit crap. As I said in the email you're replying to:

> The audit support required by these can't be compiled in without it
> being enabled. It's useless crap for anyone who isn't working for a
> bureaucracy and it spams the logs. It is also completely broken with
> namespaces, so it doesn't work at all with containers or application
> sandboxes.

I don't think the 'security guys' lost much, considering that none of
this worked without userspace support that we do not have. SELinux and
Smack require the recompilation of userspace packages, including with
patches for SELinux. AppArmor requires kernel patches missing in the
mainline kernel to work correctly.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140403/3d2c8fee/attachment.asc>

From mihamina.rakotomandimby at rktmb.org  Fri Apr  4 05:26:31 2014
From: mihamina.rakotomandimby at rktmb.org (Mihamina Rakotomandimby)
Date: Fri, 04 Apr 2014 12:26:31 +0300
Subject: [arch-general] NVIDIA Corporation GF108GLM [NVS 5200M]
Message-ID: <533E7AC7.70503@rktmb.org>

Hi all,

I have a Dell Latitude E6430 shipped with this Nvidia device:

01:00.0 VGA compatible controller: NVIDIA Corporation GF108GLM [NVS 
5200M] (rev a1) (prog-if 00 [VGA controller])
	Subsystem: Dell Device 1534
	Flags: bus master, fast devsel, latency 0, IRQ 44
	Memory at f5000000 (32-bit, non-prefetchable) [size=16M]
	Memory at e0000000 (64-bit, prefetchable) [size=256M]
	Memory at f0000000 (64-bit, prefetchable) [size=32M]
	I/O ports at e000 [size=128]
	Expansion ROM at f6000000 [disabled] [size=512K]
	Capabilities: [60] Power Management version 3
	Capabilities: [68] MSI: Enable+ Count=1/1 Maskable- 64bit+
	Capabilities: [78] Express Endpoint, MSI 00
	Capabilities: [b4] Vendor Specific Information: Len=14 <?>
	Capabilities: [100] Virtual Channel
	Capabilities: [128] Power Budgeting <?>
	Capabilities: [600] Vendor Specific Information: ID=0001 Rev=1 Len=024 <?>
	Kernel driver in use: nouveau

My Laptop has VGA and HDMI output, both are used inorder to get a triple 
display system: on board screen + one on VGA, one on HDMI.

Do you have special recommandation on which driver to install and any 
tip relative to that hardware?

Note: Currently using Fedora it works quite well, but I really want to 
give a try to ARch and want to get my screens as soon as possible :-)

Thanks for your help.

From carstenmattner at gmail.com  Fri Apr  4 05:40:58 2014
From: carstenmattner at gmail.com (Carsten Mattner)
Date: Fri, 4 Apr 2014 11:40:58 +0200
Subject: [arch-general] error: GPGME error: Invalid crypto engine
Message-ID: <CACY+HvpaAYafJ__jOm8cXJO4PyZK9KrfJ7Z-HbFqs8Lney_hyw@mail.gmail.com>

Does someone else have problems upgrading with testing enabled since
yesterday? Checked the mailing list and there's not warning that
testing is broken.


:: Synchronizing package databases...
 testing is up to date
 core is up to date
 extra is up to date
 community-testing is up to date
 community is up to date
:: Starting full system upgrade...
warning: bash: local (4.3.008-1) is newer than core (4.3-3)
warning: readline: local (6.3.003-1) is newer than core (6.3-3)
resolving dependencies...
looking for inter-conflicts...

Packages (1): linux-3.14-3

Total Installed Size:   69.37 MiB
Net Upgrade Size:       0.00 MiB

:: Proceed with installation? [Y/n]
(1/1) checking keys in keyring [...] 100%
error: GPGME error: Invalid crypto engine
(1/1) checking package integrity [...] 100%
error: GPGME error: Invalid crypto engine
error: linux: missing required signature
:: File /var/cache/pacman/pkg/linux-3.14-3-x86_64.pkg.tar.xz is
corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]


Same problem if I try to downgrade readline and bash

:: File /var/cache/pacman/pkg/readline-6.3-3-x86_64.pkg.tar.xz is
corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: bash: missing required signature
:: File /var/cache/pacman/pkg/bash-4.3-3-x86_64.pkg.tar.xz is
corrupted (invalid or corrupted package (PGP signature)).

From thomas at archlinux.org  Fri Apr  4 05:52:35 2014
From: thomas at archlinux.org (=?ISO-8859-15?Q?Thomas_B=E4chler?=)
Date: Fri, 04 Apr 2014 11:52:35 +0200
Subject: [arch-general] error: GPGME error: Invalid crypto engine
In-Reply-To: <CACY+HvpaAYafJ__jOm8cXJO4PyZK9KrfJ7Z-HbFqs8Lney_hyw@mail.gmail.com>
References: <CACY+HvpaAYafJ__jOm8cXJO4PyZK9KrfJ7Z-HbFqs8Lney_hyw@mail.gmail.com>
Message-ID: <533E80E3.2020307@archlinux.org>

Am 04.04.2014 11:40, schrieb Carsten Mattner:
> Same problem if I try to downgrade readline and bash
> 
> :: File /var/cache/pacman/pkg/readline-6.3-3-x86_64.pkg.tar.xz is
> corrupted (invalid or corrupted package (PGP signature)).
> Do you want to delete it? [Y/n] n
> error: bash: missing required signature
> :: File /var/cache/pacman/pkg/bash-4.3-3-x86_64.pkg.tar.xz is
> corrupted (invalid or corrupted package (PGP signature)).

Use pacman -U to downgrade readline+bash from your cache (this skips
signature verification by default). You may even have to log out and in
again.

If you are paranoid, verify both packages with pacman-key -v before
installing them (I think that one should still work, as opposed to
pacman+gpgme).


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140404/fe37c992/attachment-0001.asc>

From carstenmattner at gmail.com  Fri Apr  4 06:00:47 2014
From: carstenmattner at gmail.com (Carsten Mattner)
Date: Fri, 4 Apr 2014 12:00:47 +0200
Subject: [arch-general] error: GPGME error: Invalid crypto engine
In-Reply-To: <533E80E3.2020307@archlinux.org>
References: <CACY+HvpaAYafJ__jOm8cXJO4PyZK9KrfJ7Z-HbFqs8Lney_hyw@mail.gmail.com>
 <533E80E3.2020307@archlinux.org>
Message-ID: <CACY+HvosBdu+Kh1wBs1z_VZhzxrWMvJxGkABAydSPPiDNN3hyQ@mail.gmail.com>

On Fri, Apr 4, 2014 at 11:52 AM, Thomas B?chler <thomas at archlinux.org> wrote:
> Am 04.04.2014 11:40, schrieb Carsten Mattner:
>> Same problem if I try to downgrade readline and bash
>>
>> :: File /var/cache/pacman/pkg/readline-6.3-3-x86_64.pkg.tar.xz is
>> corrupted (invalid or corrupted package (PGP signature)).
>> Do you want to delete it? [Y/n] n
>> error: bash: missing required signature
>> :: File /var/cache/pacman/pkg/bash-4.3-3-x86_64.pkg.tar.xz is
>> corrupted (invalid or corrupted package (PGP signature)).
>
> Use pacman -U to downgrade readline+bash from your cache (this skips
> signature verification by default). You may even have to log out and in
> again.
>
> If you are paranoid, verify both packages with pacman-key -v before
> installing them (I think that one should still work, as opposed to
> pacman+gpgme).

pacman-key -v bash-4.3-3-x86_64.pkg.tar.xz
==> Checking bash-4.3-3-x86_64.pkg.tar.xz ...
gpg: symbol lookup error: /usr/lib/libreadline.so.6: undefined symbol: UP
==> ERROR: The signature identified by bash-4.3-3-x86_64.pkg.tar.xz
could not be verified.

sha256sum bash-4.3-3-x86_64.pkg.tar.xz
c02d4486ffd345b83868afa5f8ff61ac720e96559ac1b8bb84051625401364c0
sha256sum readline-6.3-3-x86_64.pkg.tar.xz
fc31861827cc94578ae69158312e605d2ffb26f1658e47406659f75f2bcc7196

Wouldn't it be great if I could check the file checksum of bash at
https://www.archlinux.org/packages/core/x86_64/bash/?

Can you at least confirm the checksums to be the same on your machine?

From bruno.widmann at gmail.com  Fri Apr  4 06:09:43 2014
From: bruno.widmann at gmail.com (Bruno Widmann)
Date: Fri, 4 Apr 2014 12:09:43 +0200
Subject: [arch-general] NVIDIA Corporation GF108GLM [NVS 5200M]
In-Reply-To: <533E7AC7.70503@rktmb.org>
References: <533E7AC7.70503@rktmb.org>
Message-ID: <CALTyvbsCB+tORr8Xu75XA__vanmC8fLEO=eq+Mkpzy1r95WWKw@mail.gmail.com>

Is this a dual graphics (Intel HD / nvidia) machine?

If yes, it can be quite tricky to get all 3 displays working. If you
are lucky then maybe everything works if you just select one of the
cards in the bios, but that is not the case if its anything like my
notebook where the digital output is physically connected to the
Nvidia card, while the analog VGA is connected to the intel.

The bumblebee article on the wiki might be what you will have to look
into. However, it is slightly out of date in the tripple-head section:
 * patching the xf86-video-intel package with the virtual-crtc is no
longer necessary, the needed functionality is now in the official
package.
 * Instead of the screenclone tool, you can use /usr/bin/intel-virtual-output



On Fri, Apr 4, 2014 at 11:26 AM, Mihamina Rakotomandimby
<mihamina.rakotomandimby at rktmb.org> wrote:
> Hi all,
>
> I have a Dell Latitude E6430 shipped with this Nvidia device:
>
> 01:00.0 VGA compatible controller: NVIDIA Corporation GF108GLM [NVS 5200M]
> (rev a1) (prog-if 00 [VGA controller])
>         Subsystem: Dell Device 1534
>         Flags: bus master, fast devsel, latency 0, IRQ 44
>         Memory at f5000000 (32-bit, non-prefetchable) [size=16M]
>         Memory at e0000000 (64-bit, prefetchable) [size=256M]
>         Memory at f0000000 (64-bit, prefetchable) [size=32M]
>         I/O ports at e000 [size=128]
>         Expansion ROM at f6000000 [disabled] [size=512K]
>         Capabilities: [60] Power Management version 3
>         Capabilities: [68] MSI: Enable+ Count=1/1 Maskable- 64bit+
>         Capabilities: [78] Express Endpoint, MSI 00
>         Capabilities: [b4] Vendor Specific Information: Len=14 <?>
>         Capabilities: [100] Virtual Channel
>         Capabilities: [128] Power Budgeting <?>
>         Capabilities: [600] Vendor Specific Information: ID=0001 Rev=1
> Len=024 <?>
>         Kernel driver in use: nouveau
>
> My Laptop has VGA and HDMI output, both are used inorder to get a triple
> display system: on board screen + one on VGA, one on HDMI.
>
> Do you have special recommandation on which driver to install and any tip
> relative to that hardware?
>
> Note: Currently using Fedora it works quite well, but I really want to give
> a try to ARch and want to get my screens as soon as possible :-)
>
> Thanks for your help.

From ushi+arch at honkgong.info  Fri Apr  4 06:31:47 2014
From: ushi+arch at honkgong.info (ushi)
Date: Fri, 04 Apr 2014 12:31:47 +0200
Subject: [arch-general] error: GPGME error: Invalid crypto engine
In-Reply-To: <CACY+HvosBdu+Kh1wBs1z_VZhzxrWMvJxGkABAydSPPiDNN3hyQ@mail.gmail.com>
References: <CACY+HvpaAYafJ__jOm8cXJO4PyZK9KrfJ7Z-HbFqs8Lney_hyw@mail.gmail.com>
 <533E80E3.2020307@archlinux.org>
 <CACY+HvosBdu+Kh1wBs1z_VZhzxrWMvJxGkABAydSPPiDNN3hyQ@mail.gmail.com>
Message-ID: <533E8A13.7050004@honkgong.info>

Am 04.04.2014 12:00, schrieb Carsten Mattner:
> On Fri, Apr 4, 2014 at 11:52 AM, Thomas B?chler <thomas at archlinux.org> wrote:
>> Am 04.04.2014 11:40, schrieb Carsten Mattner:
>>> Same problem if I try to downgrade readline and bash
>>>
>>> :: File /var/cache/pacman/pkg/readline-6.3-3-x86_64.pkg.tar.xz is
>>> corrupted (invalid or corrupted package (PGP signature)).
>>> Do you want to delete it? [Y/n] n
>>> error: bash: missing required signature
>>> :: File /var/cache/pacman/pkg/bash-4.3-3-x86_64.pkg.tar.xz is
>>> corrupted (invalid or corrupted package (PGP signature)).
>>
>> Use pacman -U to downgrade readline+bash from your cache (this skips
>> signature verification by default). You may even have to log out and in
>> again.
>>
>> If you are paranoid, verify both packages with pacman-key -v before
>> installing them (I think that one should still work, as opposed to
>> pacman+gpgme).
> 
> pacman-key -v bash-4.3-3-x86_64.pkg.tar.xz
> ==> Checking bash-4.3-3-x86_64.pkg.tar.xz ...
> gpg: symbol lookup error: /usr/lib/libreadline.so.6: undefined symbol: UP
> ==> ERROR: The signature identified by bash-4.3-3-x86_64.pkg.tar.xz
> could not be verified.
> 
> sha256sum bash-4.3-3-x86_64.pkg.tar.xz
> c02d4486ffd345b83868afa5f8ff61ac720e96559ac1b8bb84051625401364c0
> sha256sum readline-6.3-3-x86_64.pkg.tar.xz
> fc31861827cc94578ae69158312e605d2ffb26f1658e47406659f75f2bcc7196
> 
> Wouldn't it be great if I could check the file checksum of bash at
> https://www.archlinux.org/packages/core/x86_64/bash/?
> 
> Can you at least confirm the checksums to be the same on your machine?
> 
Looks good to me:

sha256sum /var/cache/pacman/pkg/bash-4.3-3-x86_64.pkg.tar.xz
c02d4486ffd345b83868afa5f8ff61ac720e96559ac1b8bb84051625401364c0

sha256sum /var/cache/pacman/pkg/readline-6.3-3-x86_64.pkg.tar.xz
fc31861827cc94578ae69158312e605d2ffb26f1658e47406659f75f2bcc7196

Cheers, ushi

From karol at babioch.de  Fri Apr  4 06:43:05 2014
From: karol at babioch.de (Karol Babioch)
Date: Fri, 04 Apr 2014 12:43:05 +0200
Subject: [arch-general] NVIDIA Corporation GF108GLM [NVS 5200M]
In-Reply-To: <533E7AC7.70503@rktmb.org>
References: <533E7AC7.70503@rktmb.org>
Message-ID: <533E8CB9.1020508@babioch.de>

Hi,

Am 04.04.2014 11:26, schrieb Mihamina Rakotomandimby:
> Note: Currently using Fedora it works quite well, but I really want to
> give a try to ARch and want to get my screens as soon as possible

As far as I know Fedora uses nouveau by default, so it will probably
work with Arch just "out-of-the-box", too (at least as "out-of-the-box"
as it gets with Arch).

Best regards,
Karol Babioch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140404/639c89b4/attachment.asc>

From mihamina.rakotomandimby at rktmb.org  Fri Apr  4 07:51:19 2014
From: mihamina.rakotomandimby at rktmb.org (Mihamina Rakotomandimby)
Date: Fri, 04 Apr 2014 14:51:19 +0300
Subject: [arch-general] NVIDIA Corporation GF108GLM [NVS 5200M]
In-Reply-To: <CALTyvbsCB+tORr8Xu75XA__vanmC8fLEO=eq+Mkpzy1r95WWKw@mail.gmail.com>
References: <533E7AC7.70503@rktmb.org>
 <CALTyvbsCB+tORr8Xu75XA__vanmC8fLEO=eq+Mkpzy1r95WWKw@mail.gmail.com>
Message-ID: <533E9CB7.7050407@rktmb.org>

On 04/04/2014 01:09 PM, Bruno Widmann wrote:
> Is this a dual graphics (Intel HD / nvidia) machine?

It's not a dual graphics.
One card, NVidia.

Dell E6430 are shipped with Intel graphics when sold with i3 or i5 CPU, 
and NVidia when i7 CPU.

Thanks.

From mihamina.rakotomandimby at rktmb.org  Fri Apr  4 07:53:44 2014
From: mihamina.rakotomandimby at rktmb.org (Mihamina Rakotomandimby)
Date: Fri, 04 Apr 2014 14:53:44 +0300
Subject: [arch-general] NVIDIA Corporation GF108GLM [NVS 5200M]
In-Reply-To: <533E8CB9.1020508@babioch.de>
References: <533E7AC7.70503@rktmb.org> <533E8CB9.1020508@babioch.de>
Message-ID: <533E9D48.1070704@rktmb.org>

On 04/04/2014 01:43 PM, Karol Babioch wrote:

>>> Note: Currently using Fedora it works quite well, but I really want to
>>> give a try to ARch and want to get my screens as soon as possible

> As far as I know Fedora uses nouveau by default, so it will probably
> work with Arch just "out-of-the-box", too (at least as "out-of-the-box"
> as it gets with Arch).

OK, thank you.
The other parts of the laptop are well supported. The only doubt is on 
the NVidia card ;-)



From borja at libcrack.so  Fri Apr  4 08:46:34 2014
From: borja at libcrack.so (Borja)
Date: Fri, 4 Apr 2014 14:46:34 +0200
Subject: [arch-general] Request: PKGBUILD removal of (sysdig|sysdig-git)
Message-ID: <20140404144634.03ce7772@watergate.libcrack.so>


Hi chaps!

I would like to requestthe removal the one of this two PKGBUILD:

	- sysdig
	- sysdig-git

I've comitted both of them by mistake. I would say that maybe it's better to
keep sysdig? Or maybe guys you think it's better to keep sysdig-git just in 
case the people from Draios Inc. will add support to Arch to their installer?

Cheers!

=================================================================================

 GPG key ID 4CA6E08B -- https://www.libcrack.so/



From danielmicay at gmail.com  Fri Apr  4 08:47:19 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Fri, 04 Apr 2014 08:47:19 -0400
Subject: [arch-general] Request: PKGBUILD removal of (sysdig|sysdig-git)
In-Reply-To: <20140404144634.03ce7772@watergate.libcrack.so>
References: <20140404144634.03ce7772@watergate.libcrack.so>
Message-ID: <533EA9D7.9060007@gmail.com>

On 04/04/14 08:46 AM, Borja wrote:
> 
> Hi chaps!
> 
> I would like to requestthe removal the one of this two PKGBUILD:
> 
> 	- sysdig
> 	- sysdig-git
> 
> I've comitted both of them by mistake. I would say that maybe it's better to
> keep sysdig? Or maybe guys you think it's better to keep sysdig-git just in 
> case the people from Draios Inc. will add support to Arch to their installer?
> 
> Cheers!
> 
> =================================================================================
> 
>  GPG key ID 4CA6E08B -- https://www.libcrack.so/
> 
> 

I've removed the `sysdig` package, because the naming implies that it's
installing a tagged release.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140404/7709aa83/attachment-0001.asc>

From scimmia at archlinux.info  Fri Apr  4 10:59:52 2014
From: scimmia at archlinux.info (scimmia at archlinux.info)
Date: Fri, 04 Apr 2014 09:59:52 -0500
Subject: [arch-general] Request: PKGBUILD removal of (sysdig|sysdig-git)
In-Reply-To: <20140404144634.03ce7772@watergate.libcrack.so>
References: <20140404144634.03ce7772@watergate.libcrack.so>
Message-ID: <5fbd835b54e2a09f263a53e47003ce9a@archlinux.info>

On 2014-04-04 07:46, Borja wrote:
> Hi chaps!
> 
> I would like to requestthe removal the one of this two PKGBUILD:
> 
> 	- sysdig
> 	- sysdig-git
> 
> I've comitted both of them by mistake. I would say that maybe it's 
> better to
> keep sysdig? Or maybe guys you think it's better to keep sysdig-git 
> just in
> case the people from Draios Inc. will add support to Arch to their 
> installer?
> 
> Cheers!
> 
> =================================================================================
> 
>  GPG key ID 4CA6E08B -- https://www.libcrack.so/

I believe you wanted the aur-general mailing list, not arch-general.

From bugrprt8e1f at online.de  Fri Apr  4 11:05:55 2014
From: bugrprt8e1f at online.de (Bug Report)
Date: Fri, 4 Apr 2014 15:05:55 +0000 (UTC)
Subject: [arch-general] Failed to start umbrello in KDE
References: <3303078.XVp0cNz5B2@meyaboo> <2671685.Y8KLtWbHAj@felix-arch>
Message-ID: <loom.20140404T170434-653@post.gmane.org>

Start Umbrello with:

  umbrello    --geometry 600x400+0+0




From mysatyre at gmail.com  Fri Apr  4 12:10:07 2014
From: mysatyre at gmail.com (=?UTF-8?Q?Martti_K=C3=BChne?=)
Date: Fri, 4 Apr 2014 18:10:07 +0200
Subject: [arch-general] Request: PKGBUILD removal of (sysdig|sysdig-git)
In-Reply-To: <5fbd835b54e2a09f263a53e47003ce9a@archlinux.info>
References: <20140404144634.03ce7772@watergate.libcrack.so>
 <5fbd835b54e2a09f263a53e47003ce9a@archlinux.info>
Message-ID: <CAONKL1CTk2-J02sW9HkBq_ZgHUqqbWGSD3nN1=JakGA8P56=sQ@mail.gmail.com>

On Fri, Apr 4, 2014 at 4:59 PM,  <scimmia at archlinux.info> wrote:
> On 2014-04-04 07:46, Borja wrote:
>>
>> Hi chaps!
>>
>> I would like to requestthe removal the one of this two PKGBUILD:
>>
>>         - sysdig
>>         - sysdig-git
>>
>> I've comitted both of them by mistake. I would say that maybe it's better
>> to
>> keep sysdig? Or maybe guys you think it's better to keep sysdig-git just
>> in
>> case the people from Draios Inc. will add support to Arch to their
>> installer?
>>
>> Cheers!
>>
>>
>> =================================================================================
>>
>>  GPG key ID 4CA6E08B -- https://www.libcrack.so/
>
>
> I believe you wanted the aur-general mailing list, not arch-general.


CCing to aur-general for completeness.

cheers!
mar77i

From rodrigorivascosta at gmail.com  Fri Apr  4 17:24:45 2014
From: rodrigorivascosta at gmail.com (Rodrigo Rivas)
Date: Fri, 4 Apr 2014 23:24:45 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <CAFa9FQt98O3fhfh5JJJhKfojeOwOX4M9MWLjFN+6xEkyDnARrw@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <CAFa9FQt98O3fhfh5JJJhKfojeOwOX4M9MWLjFN+6xEkyDnARrw@mail.gmail.com>
Message-ID: <CABNG1c2D2Vut9kX_dcZ0VvKYxSdMq5s-2L0LuGxHkx9JwLvaVQ@mail.gmail.com>

On Thu, Apr 3, 2014 at 9:12 PM, Lukas Jirkovsky <l.jirkovsky at gmail.com> wrote:
> If you have enough time, I would try using pkgfile to recover the
> installed packages. I thing something like this should suffice:
> # update the pkgfile database
> pkgfile -u
> # find the package names for all binaries
> find /usr/bin -type f -exec pkgfile '{}' ';' | uniq

Good idea. But just a little correction, use `sort` or else `uniq`
will not work properly:

    find /usr/bin -type f -exec pkgfile '{}' ';' | sort | uniq

-- 
Rodrigo

From simon.brand at postadigitale.de  Fri Apr  4 17:37:41 2014
From: simon.brand at postadigitale.de (Simon Brand)
Date: Fri, 04 Apr 2014 23:37:41 +0200
Subject: [arch-general] /var lost, how "reinstal" Archlinux?
In-Reply-To: <CABNG1c2D2Vut9kX_dcZ0VvKYxSdMq5s-2L0LuGxHkx9JwLvaVQ@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <CAFa9FQt98O3fhfh5JJJhKfojeOwOX4M9MWLjFN+6xEkyDnARrw@mail.gmail.com>
 <CABNG1c2D2Vut9kX_dcZ0VvKYxSdMq5s-2L0LuGxHkx9JwLvaVQ@mail.gmail.com>
Message-ID: <533F2625.7000904@postadigitale.de>

Am 04.04.2014 23:24, schrieb Rodrigo Rivas:
> On Thu, Apr 3, 2014 at 9:12 PM, Lukas Jirkovsky <l.jirkovsky at gmail.com> wrote:
>> If you have enough time, I would try using pkgfile to recover the
>> installed packages. I thing something like this should suffice:
>> # update the pkgfile database
>> pkgfile -u
>> # find the package names for all binaries
>> find /usr/bin -type f -exec pkgfile '{}' ';' | uniq
> 
> Good idea. But just a little correction, use `sort` or else `uniq`
> will not work properly:
> 
>     find /usr/bin -type f -exec pkgfile '{}' ';' | sort | uniq
> 

or use only "| sort -u" instead


From ordo.ad at gmail.com  Sat Apr  5 04:55:28 2014
From: ordo.ad at gmail.com (Alessandro Doro)
Date: Sat, 5 Apr 2014 10:55:28 +0200
Subject: [arch-general] [arch-dev-public] Moving KDE3 and Gtk1 from [extra]
Message-ID: <20140405085528.GA9542@M50>

> Here are the packages that depends on gtk (maintained by Eric B?langer):
> 
> kiwi, Federico Cinelli
> 

Kiwi provides enhanced PyGTK widgets; it definitely doesn't require gtk1.

From j.l.k at gmx.com  Sat Apr  5 12:59:20 2014
From: j.l.k at gmx.com (Jakub =?utf-8?Q?Klinkovsk=C3=BD?=)
Date: Sat, 5 Apr 2014 18:59:20 +0200
Subject: [arch-general] [wiki cleanup] Links to non-existent packages
Message-ID: <20140405165920.GD8834@asusntb.lan>

Hello all,

as of today, there are exactly 714 invalid uses (413 unique) of Template:AUR [1]
or Template:Pkg [2] on the wiki, spread across 398 pages. The complete list is
on [3].

I will try to go through it and update the links, but this is not a one-man job,
so I would really appreciate some help. Please remember to strike/remove the
items from the list to save others' time.

The list includes some trivial mistakes (e.g. using package name with version),
but in most cases it will involve updating other content of the page. Also it
may be possible that there is a direct replacement for some packages (e.g. the
result of merging/renaming).

[1]: https://wiki.archlinux.org/index.php/Template:AUR
[2]: https://wiki.archlinux.org/index.php/Template:Pkg
[3]: https://wiki.archlinux.org/index.php/User:Lahwaacz.bot/Report_2014-04-05

Regards,

--
jlk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140405/4639736c/attachment.asc>

From karol.blazewicz at gmail.com  Sat Apr  5 17:11:44 2014
From: karol.blazewicz at gmail.com (Karol Blazewicz)
Date: Sat, 5 Apr 2014 23:11:44 +0200
Subject: [arch-general] [wiki cleanup] Links to non-existent packages
In-Reply-To: <20140405165920.GD8834@asusntb.lan>
References: <20140405165920.GD8834@asusntb.lan>
Message-ID: <CAO0v=MNZ6+ekUZz8E5=wDdZvxgBx0YtOW7gTS0CAn=GWSWJncw@mail.gmail.com>

On Sat, Apr 5, 2014 at 6:59 PM, Jakub Klinkovsk? <j.l.k at gmx.com> wrote:
> Hello all,
>
> as of today, there are exactly 714 invalid uses (413 unique) of Template:AUR [1]
> or Template:Pkg [2] on the wiki, spread across 398 pages. The complete list is
> on [3].
>
> I will try to go through it and update the links, but this is not a one-man job,
> so I would really appreciate some help. Please remember to strike/remove the
> items from the list to save others' time.
>
> The list includes some trivial mistakes (e.g. using package name with version),
> but in most cases it will involve updating other content of the page. Also it
> may be possible that there is a direct replacement for some packages (e.g. the
> result of merging/renaming).
>
> [1]: https://wiki.archlinux.org/index.php/Template:AUR
> [2]: https://wiki.archlinux.org/index.php/Template:Pkg
> [3]: https://wiki.archlinux.org/index.php/User:Lahwaacz.bot/Report_2014-04-05
>
> Regards,
>
> --
> jlk

I was just about to do something similar.
I'm going to focus on the English articles.

From mark at markelee.com  Sun Apr  6 00:43:28 2014
From: mark at markelee.com (Mark Lee)
Date: Sun, 06 Apr 2014 00:43:28 -0400
Subject: [arch-general] Non-root X on Arch Linux
Message-ID: <5340DB70.4090606@markelee.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Salutations,

Since Fedora 21 is working on dropping X root rights via systemd-logind.
Does Arch intend to follow?

From,
Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iF4EAREIAAYFAlNA23AACgkQZ/Z80n6+J/bnlQD+KXmYtkAySaraC+omwJb1x95q
QUud8Ojbkv/zCg/06FsA/iNsJTBoU2A4KspFZv2LnUuinKxcC5VOy64xpgRJVkV4
=GXC+
-----END PGP SIGNATURE-----

From sugar.and.scruffy at gmail.com  Sun Apr  6 00:49:14 2014
From: sugar.and.scruffy at gmail.com (Curtis Shimamoto)
Date: Sat, 5 Apr 2014 21:49:14 -0700
Subject: [arch-general] Non-root X on Arch Linux
In-Reply-To: <5340DB70.4090606@markelee.com>
References: <5340DB70.4090606@markelee.com>
Message-ID: <20140406044914.GA1061@thinkpad.home.lan>

On 04/06/14 at 12:43am, Mark Lee wrote:
> 
> Since Fedora 21 is working on dropping X root rights via systemd-logind.
> Does Arch intend to follow?
> 

I imagine this will be the case eventually.  But as far as I can tell,
at the moment these features are not yet included in the stable packages
of everything that is required.

Though like all things with Arch, I also would have to guess that this
would be an option for configuration and not something that would become
a "default" in the same way as Fedora. 

-- 
Curtis Shimamoto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140405/98278f38/attachment.asc>

From danielmicay at gmail.com  Sun Apr  6 20:44:59 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Sun, 06 Apr 2014 20:44:59 -0400
Subject: [arch-general] Non-root X on Arch Linux
In-Reply-To: <5340DB70.4090606@markelee.com>
References: <5340DB70.4090606@markelee.com>
Message-ID: <5341F50B.8050104@gmail.com>

On 06/04/14 12:43 AM, Mark Lee wrote:
> Salutations,
> 
> Since Fedora 21 is working on dropping X root rights via systemd-logind.
> Does Arch intend to follow?
> 
> From,
> Mark

Thanks to the work on logind, our Weston package already works as
non-root if you launch it as `weston` instead of `weston-launch`.

When xorg-server 1.16 is released, this will also work for X. I've been
planning on splitting out `weston-launch` from the regular Weston
package or simply removing it (unsure if there are any usable video
drivers requiring it) and I assume the setuid binary for X will have a
similar fate.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140406/4085ddf4/attachment.asc>

From mrugiero at gmail.com  Sun Apr  6 20:53:32 2014
From: mrugiero at gmail.com (Mario Rugiero)
Date: Sun, 6 Apr 2014 21:53:32 -0300
Subject: [arch-general] Non-root X on Arch Linux
In-Reply-To: <5341F50B.8050104@gmail.com>
References: <5340DB70.4090606@markelee.com>
	<5341F50B.8050104@gmail.com>
Message-ID: <CAKKQwLRSzxhkun7E_R+Oq6jB2XwzhZqLqQSGJd+N5YVPmCE0AA@mail.gmail.com>

I'd expect the usual pioneering of Arch for giving the option. I guess it's
up to the maintainers, but I don't see what could delay it in comparison to
Fedora. Is any special building flag needed that could get in the way?


2014-04-06 21:44 GMT-03:00 Daniel Micay <danielmicay at gmail.com>:

> On 06/04/14 12:43 AM, Mark Lee wrote:
> > Salutations,
> >
> > Since Fedora 21 is working on dropping X root rights via systemd-logind.
> > Does Arch intend to follow?
> >
> > From,
> > Mark
>
> Thanks to the work on logind, our Weston package already works as
> non-root if you launch it as `weston` instead of `weston-launch`.
>
> When xorg-server 1.16 is released, this will also work for X. I've been
> planning on splitting out `weston-launch` from the regular Weston
> package or simply removing it (unsure if there are any usable video
> drivers requiring it) and I assume the setuid binary for X will have a
> similar fate.
>
>

From danielmicay at gmail.com  Sun Apr  6 21:00:25 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Sun, 06 Apr 2014 21:00:25 -0400
Subject: [arch-general] Non-root X on Arch Linux
In-Reply-To: <CAKKQwLRSzxhkun7E_R+Oq6jB2XwzhZqLqQSGJd+N5YVPmCE0AA@mail.gmail.com>
References: <5340DB70.4090606@markelee.com>	<5341F50B.8050104@gmail.com>
 <CAKKQwLRSzxhkun7E_R+Oq6jB2XwzhZqLqQSGJd+N5YVPmCE0AA@mail.gmail.com>
Message-ID: <5341F8A9.6000607@gmail.com>

On 06/04/14 08:53 PM, Mario Rugiero wrote:
> I'd expect the usual pioneering of Arch for giving the option. I guess it's
> up to the maintainers, but I don't see what could delay it in comparison to
> Fedora. Is any special building flag needed that could get in the way?

In order for a non-setuid binary to be a useful improvements, the
maintainers need to actually get rid of the setuid binary by splitting
it out and making it a dependency of packages like nvidia. A Red Hat
developer proposed a patch adding a wrapper script for X so it can make
use of a setuid binary if and only if the driver requires it - making it
a fully transparent feature handled by the package manager via dependencies.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140406/9eb92b0c/attachment.asc>

From hzy068808 at gmail.com  Sun Apr  6 22:23:12 2014
From: hzy068808 at gmail.com (Zuyi Hu)
Date: Mon, 7 Apr 2014 10:23:12 +0800
Subject: [arch-general] Perl Padre ERROR
Message-ID: <CAHn8_r6x2f+=cEs2UXvBiZR5mEbTp2a_KFyU=_W9cR0XEL6JLw@mail.gmail.com>

hello, everyone!

I have built padre by cpan recently, but when running "build test" ,it
stoped by some errors,so I force install it,
but it can't run ! can't anyone know about this,or anyone can provide
perl-padre aur package,thanks

hzy at arch:~ 01:30:34 $ padre
Can't load '/usr/lib/perl5/site_perl/auto/Wx/Scintilla/Scintilla.so' for
module Wx::Scintilla: /usr/lib/perl5/site_perl/auto/Wx/Scintilla/
libwx_gtk2u_scintilla-2.8.12.so: undefined symbol: _ZTI14wxEventFunctor at
/usr/share/perl5/core_perl/XSLoader.pm line 68.
 at /usr/lib/perl5/site_perl/Wx/Scintilla.pm line 32.
Compilation failed in require at
/usr/share/perl5/site_perl/Padre/Wx/Theme.pm line 15.
BEGIN failed--compilation aborted at
/usr/share/perl5/site_perl/Padre/Wx/Theme.pm line 15.
Compilation failed in require at
/usr/share/perl5/site_perl/Padre/Wx/Main.pm line 50.
BEGIN failed--compilation aborted at
/usr/share/perl5/site_perl/Padre/Wx/Main.pm line 50.
Compilation failed in require at /usr/share/perl5/site_perl/Padre/Wx/App.pm
line 58.
Perl exited with active threads:
        1 running and unjoined
        0 finished and unjoined
        0 running and detached

From maykeldebian at gmail.com  Mon Apr  7 06:55:14 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Mon, 7 Apr 2014 12:55:14 +0200
Subject: [arch-general] X11vnc in xbmc archlinux
Message-ID: <CAJ2aOA_YaWawQM9C9PGz=T_s67fvbw75V4HNs9fSZd-VRpr8rw@mail.gmail.com>

Hi, I configured the archlinux + xbmc. I will like remote control xbmc
with x11vnc from other machine.

Now, I control the xbmc with xbmc remote from android.

And also start x11vnc when archlinux boot...

Thanks in advanced.

From geralt at gmail.com  Mon Apr  7 07:00:52 2014
From: geralt at gmail.com (geralt at gmail.com)
Date: Mon, 7 Apr 2014 13:00:52 +0200
Subject: [arch-general] X11vnc in xbmc archlinux
In-Reply-To: <CAJ2aOA_YaWawQM9C9PGz=T_s67fvbw75V4HNs9fSZd-VRpr8rw@mail.gmail.com>
References: <CAJ2aOA_YaWawQM9C9PGz=T_s67fvbw75V4HNs9fSZd-VRpr8rw@mail.gmail.com>
Message-ID: <CAN=JGODD_cfejoAUeeO8sWQC47to91vYDp-O+o9339L=7UF6qQ@mail.gmail.com>

On Mon, Apr 7, 2014 at 12:55 PM, Maykel Franco <maykeldebian at gmail.com>wrote:

> Hi, I configured the archlinux + xbmc. I will like remote control xbmc
> with x11vnc from other machine.
>
> Now, I control the xbmc with xbmc remote from android.
>
> And also start x11vnc when archlinux boot...
>
> Thanks in advanced.
>


You should be able to connect to the x11vnc server with any vnc client,
like Vinagre. Once a vnc connection is established, if xbmc is running, you
can control it with the keyboard/mouse of the machine running the vnc
client. What problem are you experiencing, exactly?
-----------
I'd flash you my business card, but my hands are too full of guns.
- Peter Quill, aka Star-Lord, making another dashing rescue

From maykeldebian at gmail.com  Mon Apr  7 07:06:06 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Mon, 7 Apr 2014 13:06:06 +0200
Subject: [arch-general] X11vnc in xbmc archlinux
In-Reply-To: <CAN=JGODD_cfejoAUeeO8sWQC47to91vYDp-O+o9339L=7UF6qQ@mail.gmail.com>
References: <CAJ2aOA_YaWawQM9C9PGz=T_s67fvbw75V4HNs9fSZd-VRpr8rw@mail.gmail.com>
 <CAN=JGODD_cfejoAUeeO8sWQC47to91vYDp-O+o9339L=7UF6qQ@mail.gmail.com>
Message-ID: <CAJ2aOA_Z0j78jFN0MB=FXVm-UVc4SH5qpYfNRC+PzYK8cL+_Ww@mail.gmail.com>

2014-04-07 13:00 GMT+02:00 geralt at gmail.com <geralt at gmail.com>:

> On Mon, Apr 7, 2014 at 12:55 PM, Maykel Franco <maykeldebian at gmail.com
> >wrote:
>
> > Hi, I configured the archlinux + xbmc. I will like remote control xbmc
> > with x11vnc from other machine.
> >
> > Now, I control the xbmc with xbmc remote from android.
> >
> > And also start x11vnc when archlinux boot...
> >
> > Thanks in advanced.
> >
>
>
> You should be able to connect to the x11vnc server with any vnc client,
> like Vinagre. Once a vnc connection is established, if xbmc is running, you
> can control it with the keyboard/mouse of the machine running the vnc
> client. What problem are you experiencing, exactly?
> -----------
> I'd flash you my business card, but my hands are too full of guns.
> - Peter Quill, aka Star-Lord, making another dashing rescue
>


No problem for connect...The problem is:

I need start x11vnc when computer boot...

Sorry for my english.

Thanks for your response.

From piefge314 at gmail.com  Mon Apr  7 07:14:03 2014
From: piefge314 at gmail.com (Daniel Pirek)
Date: Mon, 07 Apr 2014 13:14:03 +0200
Subject: [arch-general] X11vnc in xbmc archlinux
In-Reply-To: <CAJ2aOA_Z0j78jFN0MB=FXVm-UVc4SH5qpYfNRC+PzYK8cL+_Ww@mail.gmail.com>
References: <CAJ2aOA_YaWawQM9C9PGz=T_s67fvbw75V4HNs9fSZd-VRpr8rw@mail.gmail.com>
 <CAN=JGODD_cfejoAUeeO8sWQC47to91vYDp-O+o9339L=7UF6qQ@mail.gmail.com>
 <CAJ2aOA_Z0j78jFN0MB=FXVm-UVc4SH5qpYfNRC+PzYK8cL+_Ww@mail.gmail.com>
Message-ID: <165d79d7-ec49-42e7-af96-5bc915275f77@email.android.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512



On April 7, 2014 1:06:06 PM CEST, Maykel Franco <maykeldebian at gmail.com> wrote:
>2014-04-07 13:00 GMT+02:00 geralt at gmail.com <geralt at gmail.com>:
>
>> On Mon, Apr 7, 2014 at 12:55 PM, Maykel Franco
><maykeldebian at gmail.com>
>
>
>No problem for connect...The problem is:
>
>I need start x11vnc when computer boot...
>
>Sorry for my english.
>
>Thanks for your response.


I know nothing about xbmc
but normally i would put it in the .xinitrc file to load it when X starts up

don't forget to put it in the background with a '&' at the end of tge command.

/Daniel


- ----------------------------------------------------------



-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1

iQFABAEBCgAqBQJTQoh7IxxEYW5pZWwgUGlyZWsgPHBpZWZnZTMxNEBnbWFpbC5j
b20+AAoJEFOZgJga5mfX1NQH/RzEiC1T+qRrHWVLQOQkOSQZK7/89m5vbRrFtNsk
WCZ6StNaUGEYTgvYdo+scG5dpjg+Dii4Secb+p01s2SCrV1VH7octzTAlXxn1rv8
7djegiNuqT+XSDcwToIux5R2uBnzZD7IO6PSw/KpfFE0TsyAJPQgI7bGqD4INpaw
JCVKSj6LMtWZKw653LsJoeb1pEwzAk31XmNss327nGg6NV9oI60ORLYXgfOUUOKM
JufF1FHggiULNvaWhU6GgiQZsf3khkXvhSysOvpy6xw6jiM8Z3SWerJ0HQBgaJn1
sB9PwKLl8zJQy6K+NRUGQJLe3C1txLsMe53TqunCVmUM9NY=
=GZeK
-----END PGP SIGNATURE-----


From geralt at gmail.com  Mon Apr  7 07:24:13 2014
From: geralt at gmail.com (geralt at gmail.com)
Date: Mon, 7 Apr 2014 13:24:13 +0200
Subject: [arch-general] X11vnc in xbmc archlinux
In-Reply-To: <CAJ2aOA_Z0j78jFN0MB=FXVm-UVc4SH5qpYfNRC+PzYK8cL+_Ww@mail.gmail.com>
References: <CAJ2aOA_YaWawQM9C9PGz=T_s67fvbw75V4HNs9fSZd-VRpr8rw@mail.gmail.com>
 <CAN=JGODD_cfejoAUeeO8sWQC47to91vYDp-O+o9339L=7UF6qQ@mail.gmail.com>
 <CAJ2aOA_Z0j78jFN0MB=FXVm-UVc4SH5qpYfNRC+PzYK8cL+_Ww@mail.gmail.com>
Message-ID: <CAN=JGODS3wmngVFcDL0mmUR_Ln65J95h1h-GC0QXYR8=DdPDCQ@mail.gmail.com>

On Mon, Apr 7, 2014 at 1:06 PM, Maykel Franco <maykeldebian at gmail.com>wrote:

> 2014-04-07 13:00 GMT+02:00 geralt at gmail.com <geralt at gmail.com>:
>
> > On Mon, Apr 7, 2014 at 12:55 PM, Maykel Franco <maykeldebian at gmail.com
> > >wrote:
> >
> > > Hi, I configured the archlinux + xbmc. I will like remote control xbmc
> > > with x11vnc from other machine.
> > >
> > > Now, I control the xbmc with xbmc remote from android.
> > >
> > > And also start x11vnc when archlinux boot...
> > >
> > > Thanks in advanced.
> > >
> >
> >
> > You should be able to connect to the x11vnc server with any vnc client,
> > like Vinagre. Once a vnc connection is established, if xbmc is running,
> you
> > can control it with the keyboard/mouse of the machine running the vnc
> > client. What problem are you experiencing, exactly?
> > -----------
> > I'd flash you my business card, but my hands are too full of guns.
> > - Peter Quill, aka Star-Lord, making another dashing rescue
> >
>
>
> No problem for connect...The problem is:
>
> I need start x11vnc when computer boot...
>
> Sorry for my english.
>
> Thanks for your response.
>

Are you using a display manager and desktop environment? I once had a setup
exactly like you're describing.  What I did was:

- I had LightDM set to autologin the "xbmc" user, see
https://wiki.archlinux.org/index.php/Lightdm#Enabling_Autologin

- When the "xbmc" user was logged in, XFCE was autostarted using .xinitrc,
see https://wiki.archlinux.org/index.php/Xinitrc

- I wrote a simple bash script that started x11vnc. Using XFCE's settings
GUI, I added two autostart applications: XBMC and the start_x11vnc.sh
script I had written. See
https://wiki.archlinux.org/index.php/Xfce#Custom_Startup_Applications

With this setup when the machine starts, it will autologin the "xbmc" user,
it will start the XFCE desktop environment, and immediately XBMC will start
(normally full-screen) and the x11vnc server will also start.

There are more lightweight ways of doing this, but I liked being able to
exit XMBC and still have a full desktop environment for any file
manipulations or whatever.

From bigby.james at crepcran.com  Mon Apr  7 09:08:35 2014
From: bigby.james at crepcran.com (Bigby James)
Date: Mon, 7 Apr 2014 08:08:35 -0500
Subject: [arch-general] X11vnc in xbmc archlinux
In-Reply-To: <CAJ2aOA_Z0j78jFN0MB=FXVm-UVc4SH5qpYfNRC+PzYK8cL+_Ww@mail.gmail.com>
References: <CAJ2aOA_YaWawQM9C9PGz=T_s67fvbw75V4HNs9fSZd-VRpr8rw@mail.gmail.com>
 <CAN=JGODD_cfejoAUeeO8sWQC47to91vYDp-O+o9339L=7UF6qQ@mail.gmail.com>
 <CAJ2aOA_Z0j78jFN0MB=FXVm-UVc4SH5qpYfNRC+PzYK8cL+_Ww@mail.gmail.com>
Message-ID: <20140407130835.GA11684@crepcran.com>

On Mon, Apr 07, 2014 at 01:06:06PM +0200, Maykel Franco wrote:
> 2014-04-07 13:00 GMT+02:00 geralt at gmail.com <geralt at gmail.com>:
> 
> I need start x11vnc when computer boot...
> 
> Sorry for my english.
> 
> Thanks for your response.

-- 
"A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - Douglas Adams

There's probably a systemd unit for the VNC daemon you're using; enable it like
any other. You can start the VNC client on login by adding it to .xinitrc (or
using the autostart feature of your desktop environment).

From ngoonee.talk at gmail.com  Tue Apr  8 04:43:07 2014
From: ngoonee.talk at gmail.com (Oon-Ee Ng)
Date: Tue, 8 Apr 2014 16:43:07 +0800
Subject: [arch-general] GIMP odd behaviour - left-click not registering?
Message-ID: <CAGQ70ev868C1gAzRF1KmzP2ZD-TwzQ+6Zoft_C8b-U3uWjayrg@mail.gmail.com>

Got this odd behaviour today, and I use GIMP fairly frequently so this
only turned up in the past 3-4 days I think. I can't seem to
left-click in the image itself (left-clicking on menus registers), so
I can't, for example, paint anything.

Is this specific to my machine, or can someone else confirm? I'm
running 64-bit with [testing] and awesomewm (through gdm).

FWIW here's my pacman.log for the time period, nothing stands out for
me - http://pastebin.com/H3X82TY2

From ngoonee.talk at gmail.com  Tue Apr  8 05:39:56 2014
From: ngoonee.talk at gmail.com (Oon-Ee Ng)
Date: Tue, 8 Apr 2014 17:39:56 +0800
Subject: [arch-general] GIMP odd behaviour - left-click not registering?
In-Reply-To: <CAGQ70ev868C1gAzRF1KmzP2ZD-TwzQ+6Zoft_C8b-U3uWjayrg@mail.gmail.com>
References: <CAGQ70ev868C1gAzRF1KmzP2ZD-TwzQ+6Zoft_C8b-U3uWjayrg@mail.gmail.com>
Message-ID: <CAGQ70esxMER5UvSVcVytiws00MLub8L9mSf4oOwg0V_8gUmWNw@mail.gmail.com>

On Tue, Apr 8, 2014 at 4:43 PM, Oon-Ee Ng <ngoonee.talk at gmail.com> wrote:
> Got this odd behaviour today, and I use GIMP fairly frequently so this
> only turned up in the past 3-4 days I think. I can't seem to
> left-click in the image itself (left-clicking on menus registers), so
> I can't, for example, paint anything.
>
> Is this specific to my machine, or can someone else confirm? I'm
> running 64-bit with [testing] and awesomewm (through gdm).
>
> FWIW here's my pacman.log for the time period, nothing stands out for
> me - http://pastebin.com/H3X82TY2

And python-setuptools/python2-setuptools just updated, fixing it for
me. That was fast.

From felixonmars at gmail.com  Tue Apr  8 05:52:08 2014
From: felixonmars at gmail.com (Felix Yan)
Date: Tue, 08 Apr 2014 17:52:08 +0800
Subject: [arch-general] GIMP odd behaviour - left-click not registering?
In-Reply-To: <CAGQ70esxMER5UvSVcVytiws00MLub8L9mSf4oOwg0V_8gUmWNw@mail.gmail.com>
References: <CAGQ70ev868C1gAzRF1KmzP2ZD-TwzQ+6Zoft_C8b-U3uWjayrg@mail.gmail.com>
 <CAGQ70esxMER5UvSVcVytiws00MLub8L9mSf4oOwg0V_8gUmWNw@mail.gmail.com>
Message-ID: <2285551.hthfPxbKIv@felix-arch>

On Tuesday, April 08, 2014 17:39:56 Oon-Ee Ng wrote:
> And python-setuptools/python2-setuptools just updated, fixing it for
> me. That was fast.

I don't think your problem was related to setuptools though. The recent two 
version bumps are only for patching its tests against python 3.1, which has 
nothing to do about us in any way.

Regards,
Felix Yan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140408/e86e1435/attachment.asc>

From maykeldebian at gmail.com  Tue Apr  8 07:31:44 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Tue, 8 Apr 2014 13:31:44 +0200
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
	service
Message-ID: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>

Hi, I change for example dns in networkmanager, when restart
NetworkManager , "systemctl restart NetworkManager" the network not
works...

[maykel at maykel-arch ~]$ sudo systemctl status NetworkManager
? NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled)
   Active: active (running) since mar 2014-04-08 12:24:13 CEST; 19s ago
 Main PID: 3082 (NetworkManager)
   CGroup: /system.slice/NetworkManager.service
           ??1223 /usr/bin/dhcpcd -B -K -L -G -c
/usr/lib/networkmanager/nm-dhcp-client.action enp4s0f2
           ??3082 /usr/bin/NetworkManager --no-daemon

abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> (enp4s0f2):
DHCPv4 client pid 3093 exited with status 1
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> Activation
(enp4s0f2) Stage 4 of 5 (IPv4 Configure Timeout) scheduled...
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> Activation
(enp4s0f2) Stage 4 of 5 (IPv4 Configure Timeout) started...
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> (enp4s0f2):
device state change: ip-config -> failed (reason
'ip-config-unavailable') [70 120 5]
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info>
NetworkManager state is now DISCONNECTED
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> Marking
connection 'MO2O' invalid.
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <warn> Activation
(enp4s0f2) failed for connection 'MO2O'
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> Activation
(enp4s0f2) Stage 4 of 5 (IPv4 Configure Timeout) complete.
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> (enp4s0f2):
device state change: failed -> disconnected (reason 'none') [120 30 0]
abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> (enp4s0f2):
deactivating device (reason 'none') [0]

I have reboot my computer for network on again.

Is a bug networkmanager?

The version is:

maykel-arch /home/maykel # NetworkManager --version
0.9.8.8

Thanks in advanced.

From enwukaer at gmail.com  Tue Apr  8 07:57:15 2014
From: enwukaer at gmail.com (Nowaker)
Date: Tue, 08 Apr 2014 13:57:15 +0200
Subject: [arch-general] GIMP odd behaviour - left-click not registering?
In-Reply-To: <2285551.hthfPxbKIv@felix-arch>
References: <CAGQ70ev868C1gAzRF1KmzP2ZD-TwzQ+6Zoft_C8b-U3uWjayrg@mail.gmail.com>
 <CAGQ70esxMER5UvSVcVytiws00MLub8L9mSf4oOwg0V_8gUmWNw@mail.gmail.com>
 <2285551.hthfPxbKIv@felix-arch>
Message-ID: <5343E41B.2090001@gmail.com>

>> And python-setuptools/python2-setuptools just updated, fixing it for
>> me. That was fast.

> I don't think your problem was related to setuptools though. The recent two
> version bumps are only for patching its tests against python 3.1, which has
> nothing to do about us in any way.

What's more, setuptools is used for building Python packages.
I wouldn't expect setuptools to be used during GIMP runtime.

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From ngoonee.talk at gmail.com  Tue Apr  8 08:32:53 2014
From: ngoonee.talk at gmail.com (Oon-Ee Ng)
Date: Tue, 8 Apr 2014 20:32:53 +0800
Subject: [arch-general] GIMP odd behaviour - left-click not registering?
In-Reply-To: <5343E41B.2090001@gmail.com>
References: <CAGQ70ev868C1gAzRF1KmzP2ZD-TwzQ+6Zoft_C8b-U3uWjayrg@mail.gmail.com>
 <CAGQ70esxMER5UvSVcVytiws00MLub8L9mSf4oOwg0V_8gUmWNw@mail.gmail.com>
 <2285551.hthfPxbKIv@felix-arch> <5343E41B.2090001@gmail.com>
Message-ID: <CAGQ70euKZ96UwtbOzSQ4YF0o_kCWcfX7g3sX19g4UCMJ9W93fA@mail.gmail.com>

On Tue, Apr 8, 2014 at 7:57 PM, Nowaker <enwukaer at gmail.com> wrote:
>>> And python-setuptools/python2-setuptools just updated, fixing it for
>>> me. That was fast.
>
>
>> I don't think your problem was related to setuptools though. The recent
>> two
>> version bumps are only for patching its tests against python 3.1, which
>> has
>> nothing to do about us in any way.
>
>
> What's more, setuptools is used for building Python packages.
> I wouldn't expect setuptools to be used during GIMP runtime.

I don't disagree, and its surprising to me as well. This last update
which moved things from not working to working was akonadi,
lib32-openssl, prison, and python{2}-setuptools.

Oddly enough now scrolling to zoom doesn't work.... I'll assume from
the (lack of) responses here that the problem is unique to me, and
investigate accordingly.

From l.jirkovsky at gmail.com  Tue Apr  8 09:46:07 2014
From: l.jirkovsky at gmail.com (Lukas Jirkovsky)
Date: Tue, 8 Apr 2014 15:46:07 +0200
Subject: [arch-general] systemd-tmpfiles doesn't clean build root from /tmp
Message-ID: <CAFa9FQsxaCaH5aGV0Y8pv8mwTD8_gXCBS8fB52meuOP52JXXGg@mail.gmail.com>

Hey guys,
I've started using /tmp for building packages using extra-x86_64-build
(and similar). However, I've a problem with the /tmp/extra-x86_64 not
being cleaned on boot by systemd-tmpclean.

I have the following in /etc/tmpfiles.d/tmp.conf:

    # Clear tmp directories separately, to make them easier to override
    d /tmp 1777 root root 0d
    d /var/tmp 1777 root root 0d
    # Exclude namespace mountpoints created with PrivateTmp=yes
    x /tmp/systemd-private-*
    x /var/tmp/systemd-private-*
    X /tmp/systemd-private-*/tmp
    X /var/tmp/systemd-private-*/tmp

the problem is that while it seems /tmp gets cleaned to some extent,
/tmp/extra-x86_64/ is still there. What is worse, the root is not
usable either:

    ==> ERROR: '/tmp/extra-x86_64/root' does not appear to be a Arch chroot.


Any ideas?

From neal.oakey at googlemail.com  Tue Apr  8 11:29:11 2014
From: neal.oakey at googlemail.com (Neal Oakey)
Date: Tue, 08 Apr 2014 17:29:11 +0200
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
Message-ID: <534415C7.1030805@googlemail.com>

Hi,

there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
only been patched in 1.0.1g.
Many other Distributions have build there own patch, what is with us?
Currently we have "1.0.1.f-2" which is effected as far as I can know.

Greetings
Neal

1) (sry, German)
http://www.golem.de/news/sicherheitsluecke-keys-auslesen-mit-openssl-1404-105685.html


From yaro at marupa.net  Tue Apr  8 11:32:03 2014
From: yaro at marupa.net (yaro at marupa.net)
Date: Tue, 08 Apr 2014 10:32:03 -0500
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <534415C7.1030805@googlemail.com>
References: <534415C7.1030805@googlemail.com>
Message-ID: <1628977.hKaO4eyouh@twilight>

On Tuesday, April 08, 2014 05:29:11 PM Neal Oakey wrote:
> Hi,
> 
> there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
> only been patched in 1.0.1g.
> Many other Distributions have build there own patch, what is with us?
> Currently we have "1.0.1.f-2" which is effected as far as I can know.
> 
> Greetings
> Neal
> 
> 1) (sry, German)
> http://www.golem.de/news/sicherheitsluecke-keys-auslesen-mit-openssl-1404-10
> 5685.html

I see 1.0.1g, myself. Make sure your mirror is up to date.

Conrad

From anatol.pomozov at gmail.com  Tue Apr  8 11:32:00 2014
From: anatol.pomozov at gmail.com (Anatol Pomozov)
Date: Tue, 8 Apr 2014 08:32:00 -0700
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <534415C7.1030805@googlemail.com>
References: <534415C7.1030805@googlemail.com>
Message-ID: <CAOMFOmXNREDY43US2ZO79imapm12b_9yws5FvG=q5HwvbTD34w@mail.gmail.com>

Hi

On Tue, Apr 8, 2014 at 8:29 AM, Neal Oakey <neal.oakey at googlemail.com> wrote:
> Hi,
>
> there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
> only been patched in 1.0.1g.
> Many other Distributions have build there own patch, what is with us?

It is fixed already. The new version of openssl is in stable
repository already.
https://www.archlinux.org/packages/core/x86_64/openssl/

> Currently we have "1.0.1.f-2" which is effected as far as I can know.

From danielmicay at gmail.com  Tue Apr  8 11:32:04 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Tue, 08 Apr 2014 11:32:04 -0400
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <534415C7.1030805@googlemail.com>
References: <534415C7.1030805@googlemail.com>
Message-ID: <53441674.2020002@gmail.com>

% pacman -Si openssl
Repository     : core
Name           : openssl
Version        : 1.0.1.g-1
Description    : The Open Source toolkit for Secure Sockets Layer and
Transport Layer Security
Architecture   : x86_64
URL            : https://www.openssl.org
Licenses       : custom:BSD
Groups         : None
Provides       : None
Depends On     : zlib  perl
Optional Deps  : ca-certificates
Conflicts With : None
Replaces       : None
Download Size  : 2317.98 KiB
Installed Size : 6217.00 KiB
Packager       : Pierre Schmitz <pierre at archlinux.de>
Build Date     : Mon 07 Apr 2014 04:28:06 PM EDT
Validated By   : MD5 Sum  SHA256 Sum  Signature

https://www.archlinux.org/packages/core/x86_64/openssl/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140408/33debfcf/attachment.asc>

From mail at zjvandeweg.nl  Tue Apr  8 11:35:03 2014
From: mail at zjvandeweg.nl (Zeger-Jan van de Weg)
Date: Tue, 08 Apr 2014 17:35:03 +0200
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <534415C7.1030805@googlemail.com>
References: <534415C7.1030805@googlemail.com>
Message-ID: <1396971303.1640.3.camel@pb_laptop>


> Currently we have "1.0.1.f-2" which is effected as far as I can know.
pacman -Syu should upgrade it to 1.0.1.g-1?
pacman -Q openssl reports that version anyway, which fixes heartbleed.
[1]

Greetings,

Zeger-Jan van de Weg 
[1] https://www.openssl.org/news/secadv_20140407.txt


From neal.oakey at googlemail.com  Tue Apr  8 11:34:56 2014
From: neal.oakey at googlemail.com (Neal Oakey)
Date: Tue, 08 Apr 2014 17:34:56 +0200
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <1628977.hKaO4eyouh@twilight>
References: <534415C7.1030805@googlemail.com> <1628977.hKaO4eyouh@twilight>
Message-ID: <53441720.6010207@googlemail.com>

Hi,

ah ... ok kickt the top mirror - now I'm back up to date

tanks
Neal

Am 08.04.2014 17:32, schrieb yaro at marupa.net:
> On Tuesday, April 08, 2014 05:29:11 PM Neal Oakey wrote:
>> Hi,
>>
>> there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
>> only been patched in 1.0.1g.
>> Many other Distributions have build there own patch, what is with us?
>> Currently we have "1.0.1.f-2" which is effected as far as I can know.
>>
>> Greetings
>> Neal
>>
>> 1) (sry, German)
>> http://www.golem.de/news/sicherheitsluecke-keys-auslesen-mit-openssl-1404-10
>> 5685.html
> I see 1.0.1g, myself. Make sure your mirror is up to date.
>
> Conrad


From siosm99 at gmail.com  Tue Apr  8 12:13:28 2014
From: siosm99 at gmail.com (=?ISO-8859-15?Q?Timoth=E9e_Ravier?=)
Date: Tue, 08 Apr 2014 18:13:28 +0200
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <534415C7.1030805@googlemail.com>
References: <534415C7.1030805@googlemail.com>
Message-ID: <53442028.8020106@gmail.com>

On 08/04/2014 17:29, Neal Oakey wrote:
> Many other Distributions have build there own patch, what is with us?

As a reminder, there is now a Wiki page that tracks all security issues
and their status in Arch Linux [1]. If it's not there, please either add
the issue in the wiki by yourself and file a bug report (see [2]) or
drop by on irc at #archlinux-security (on Freenode) and let us know
about it.

[1] https://wiki.archlinux.org/index.php/CVE-2014
[2] https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team

-- 
Timoth?e Ravier

From pierre at archlinux.de  Tue Apr  8 12:29:37 2014
From: pierre at archlinux.de (Pierre Schmitz)
Date: Tue, 08 Apr 2014 18:29:37 +0200
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <534415C7.1030805@googlemail.com>
References: <534415C7.1030805@googlemail.com>
Message-ID: <dc7880f8e7318c1578bc96885e99cb10@archlinux.de>

Am 08.04.2014 17:29, schrieb Neal Oakey:
> Hi,
> 
> there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
> only been patched in 1.0.1g.
> Many other Distributions have build there own patch, what is with us?
> Currently we have "1.0.1.f-2" which is effected as far as I can know.
> 
> Greetings
> Neal
> 
> 1) (sry, German)
> http://www.golem.de/news/sicherheitsluecke-keys-auslesen-mit-openssl-1404-105685.html

I actually did push an updated package within 3 hours after the public
announcement. I think that is pretty reasonable especially since we are
not among the fortunate distros and companies that were notified
beforehand.

Greetings,

Pierre

-- 
Pierre Schmitz, https://pierre-schmitz.com

From anatol.pomozov at gmail.com  Tue Apr  8 12:35:52 2014
From: anatol.pomozov at gmail.com (Anatol Pomozov)
Date: Tue, 8 Apr 2014 09:35:52 -0700
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <dc7880f8e7318c1578bc96885e99cb10@archlinux.de>
References: <534415C7.1030805@googlemail.com>
 <dc7880f8e7318c1578bc96885e99cb10@archlinux.de>
Message-ID: <CAOMFOmV2TzhZ0zyPuP+F0+FUcChvJaNn-mMBegDJpyjdFMsMSA@mail.gmail.com>

Hi

On Tue, Apr 8, 2014 at 9:29 AM, Pierre Schmitz <pierre at archlinux.de> wrote:
> Am 08.04.2014 17:29, schrieb Neal Oakey:
>> Hi,
>>
>> there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
>> only been patched in 1.0.1g.
>> Many other Distributions have build there own patch, what is with us?
>> Currently we have "1.0.1.f-2" which is effected as far as I can know.
>>
>> Greetings
>> Neal
>>
>> 1) (sry, German)
>> http://www.golem.de/news/sicherheitsluecke-keys-auslesen-mit-openssl-1404-105685.html
>
> I actually did push an updated package within 3 hours after the public
> announcement. I think that is pretty reasonable especially since we are
> not among the fortunate distros and companies that were notified
> beforehand.

Is there any "secret security list" for distros where such issues are
discussed/notified before a vulnerable gets public attention? If there
is one then Arch should be added there as well.

From adys.wh at gmail.com  Tue Apr  8 12:54:14 2014
From: adys.wh at gmail.com (Jerome Leclanche)
Date: Tue, 8 Apr 2014 17:54:14 +0100
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <CAOMFOmV2TzhZ0zyPuP+F0+FUcChvJaNn-mMBegDJpyjdFMsMSA@mail.gmail.com>
References: <534415C7.1030805@googlemail.com>
 <dc7880f8e7318c1578bc96885e99cb10@archlinux.de>
 <CAOMFOmV2TzhZ0zyPuP+F0+FUcChvJaNn-mMBegDJpyjdFMsMSA@mail.gmail.com>
Message-ID: <CAFd36Bi2dmo0ZBv4_tt_uCQy_Se1EYMhOf16pQuP9WtrBTwD9g@mail.gmail.com>

Slightly OT but for those interested, I added the heartbleed utility
(used by the heartbleed checker site) to the AUR:
https://aur.archlinux.org/packages/heartbleed-git/

% heartbleed mediacru.sh:443
2014/04/08 17:53:57 mediacru.sh:443 - SAFE
J. Leclanche


On Tue, Apr 8, 2014 at 5:35 PM, Anatol Pomozov <anatol.pomozov at gmail.com> wrote:
> Hi
>
> On Tue, Apr 8, 2014 at 9:29 AM, Pierre Schmitz <pierre at archlinux.de> wrote:
>> Am 08.04.2014 17:29, schrieb Neal Oakey:
>>> Hi,
>>>
>>> there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
>>> only been patched in 1.0.1g.
>>> Many other Distributions have build there own patch, what is with us?
>>> Currently we have "1.0.1.f-2" which is effected as far as I can know.
>>>
>>> Greetings
>>> Neal
>>>
>>> 1) (sry, German)
>>> http://www.golem.de/news/sicherheitsluecke-keys-auslesen-mit-openssl-1404-105685.html
>>
>> I actually did push an updated package within 3 hours after the public
>> announcement. I think that is pretty reasonable especially since we are
>> not among the fortunate distros and companies that were notified
>> beforehand.
>
> Is there any "secret security list" for distros where such issues are
> discussed/notified before a vulnerable gets public attention? If there
> is one then Arch should be added there as well.

From anatol.pomozov at gmail.com  Tue Apr  8 13:56:39 2014
From: anatol.pomozov at gmail.com (Anatol Pomozov)
Date: Tue, 8 Apr 2014 10:56:39 -0700
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <CAOMFOmXNREDY43US2ZO79imapm12b_9yws5FvG=q5HwvbTD34w@mail.gmail.com>
References: <534415C7.1030805@googlemail.com>
 <CAOMFOmXNREDY43US2ZO79imapm12b_9yws5FvG=q5HwvbTD34w@mail.gmail.com>
Message-ID: <CAOMFOmUMhm-kD5SNg23ikp6r5K0NaqW-woYZVSfbS+5GSoP=Xw@mail.gmail.com>

Hi

On Tue, Apr 8, 2014 at 8:32 AM, Anatol Pomozov <anatol.pomozov at gmail.com> wrote:
> Hi
>
> On Tue, Apr 8, 2014 at 8:29 AM, Neal Oakey <neal.oakey at googlemail.com> wrote:
>> Hi,
>>
>> there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
>> only been patched in 1.0.1g.
>> Many other Distributions have build there own patch, what is with us?
>
> It is fixed already. The new version of openssl is in stable
> repository already.
> https://www.archlinux.org/packages/core/x86_64/openssl/
>
>> Currently we have "1.0.1.f-2" which is effected as far as I can know.

One more tip: after you updated a system and installed new openssl
package you need to restart services that still use old version of
openssl. Here is one-liner (from [1]) that finds such applications for
you:

sudo lsof +c 0 | grep -w DEL | awk '1 { print $1 ": " $NF }' | grep ssl

[1] https://wiki.archlinux.org/index.php/Pacman_Tips#Find_applications_that_use_libraries_from_older_packages

From r.b.n at riseup.net  Tue Apr  8 14:17:45 2014
From: r.b.n at riseup.net (RbN)
Date: Tue, 08 Apr 2014 20:17:45 +0200
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <dc7880f8e7318c1578bc96885e99cb10@archlinux.de>
References: <534415C7.1030805@googlemail.com>
 <dc7880f8e7318c1578bc96885e99cb10@archlinux.de>
Message-ID: <1868451.A4h9xsQFKZ@glannarmor>

> I actually did push an updated package within 3 hours after the public
> announcement. I think that is pretty reasonable especially since we are
> not among the fortunate distros and companies that were notified
> beforehand.

It's very good! Only a few distribution and vendors can do that!

What is the situation with the Archlinux websites and others servers?

I remind that this flaw is rather critical and applying the patch/new version 
is probably not enough (especially if you are . There is already a lot of 
people playing with this bug and trying to extract "secrets" and sensitive 
data from servers. TLS private keys should be revoked and new ones get 
generated, as htpasswd etc.

o/
RbN
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140408/29d1d1a6/attachment.asc>

From rodrigorivascosta at gmail.com  Tue Apr  8 19:04:37 2014
From: rodrigorivascosta at gmail.com (Rodrigo Rivas)
Date: Wed, 9 Apr 2014 01:04:37 +0200
Subject: [arch-general] GIMP odd behaviour - left-click not registering?
In-Reply-To: <CAGQ70euKZ96UwtbOzSQ4YF0o_kCWcfX7g3sX19g4UCMJ9W93fA@mail.gmail.com>
References: <CAGQ70ev868C1gAzRF1KmzP2ZD-TwzQ+6Zoft_C8b-U3uWjayrg@mail.gmail.com>
 <CAGQ70esxMER5UvSVcVytiws00MLub8L9mSf4oOwg0V_8gUmWNw@mail.gmail.com>
 <2285551.hthfPxbKIv@felix-arch> <5343E41B.2090001@gmail.com>
 <CAGQ70euKZ96UwtbOzSQ4YF0o_kCWcfX7g3sX19g4UCMJ9W93fA@mail.gmail.com>
Message-ID: <CABNG1c1hzfacbS7yLP5UZ9NQ+xwHwSTXCLMeu3wxWrcoUCTW9w@mail.gmail.com>

On Tue, Apr 8, 2014 at 2:32 PM, Oon-Ee Ng <ngoonee.talk at gmail.com> wrote:
> On Tue, Apr 8, 2014 at 7:57 PM, Nowaker <enwukaer at gmail.com> wrote:
>>>> And python-setuptools/python2-setuptools just updated, fixing it for
>>>> me. That was fast.
>>
>>
>>> I don't think your problem was related to setuptools though. The recent
>>> two
>>> version bumps are only for patching its tests against python 3.1, which
>>> has
>>> nothing to do about us in any way.
>>
>>
>> What's more, setuptools is used for building Python packages.
>> I wouldn't expect setuptools to be used during GIMP runtime.
>
> I don't disagree, and its surprising to me as well. This last update
> which moved things from not working to working was akonadi,
> lib32-openssl, prison, and python{2}-setuptools.
>
> Oddly enough now scrolling to zoom doesn't work.... I'll assume from
> the (lack of) responses here that the problem is unique to me, and
> investigate accordingly.

I've had similar issues when I have two mouses (mice?) connected at
the same time. Or a mouse and a drawing tablet.

I think it is related to the dynamic pressure and the input device
configuration, but I don't use GIMP so much to care and investigate
it.

From kyleterrien at gmail.com  Tue Apr  8 19:21:19 2014
From: kyleterrien at gmail.com (Kyle Terrien)
Date: Tue, 08 Apr 2014 16:21:19 -0700
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
 service
In-Reply-To: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
References: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
Message-ID: <5344846F.1010803@gmail.com>

On 04/08/2014 04:31 AM, Maykel Franco wrote:
> Hi, I change for example dns in networkmanager, when restart
> NetworkManager , "systemctl restart NetworkManager" the network not
> works...
> 
> ...
> 
> I have reboot my computer for network on again.
> 
> Is a bug networkmanager?
> 
> The version is:
> 
> maykel-arch /home/maykel # NetworkManager --version
> 0.9.8.8
> 
> Thanks in advanced.
> 

Network goes down because NetworkManager leaves dhcpcd running. In fact
my network remains up after running "systemctl stop
NetworkManager.service" because dhcpcd is left managing enp0s25.

If NetworkManager sees dhcpcd managing an interface when NetworkManager
starts up, NetworkManager does funny things.

So, why does "systemctl stop NetworkManager.service" leave dhcpcd
running?

The workaround:

sudo systemctl stop NetworkManager.service
sudo killall dhcpcd
sudo systemctl start NetworkManager.service

Here is a shell session where I (effectively) do the above:

kyle at landru ~ $ sudo systemctl stop NetworkManager.service
[sudo] password for kyle:
kyle at landru ~ $ systemctl status NetworkManager.service
? NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled)
   Active: inactive (dead) since Tue 2014-04-08 15:41:08 PDT; 8s ago
  Process: 2792 ExecStart=/usr/bin/NetworkManager --no-daemon (code=exited,
status=0/SUCCESS)
 Main PID: 2792 (code=exited, status=0/SUCCESS)

Apr 08 15:14:14 landru NetworkManager[2792]: <info> Activation (enp0s25) suc....
Apr 08 15:14:21 landru dhcpcd[2822]: enp0s25: no IPv6 Routers available
Apr 08 15:14:29 landru NetworkManager[2792]: <info> (enp0s25): IP6 addrconf ....
Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
Apr 08 15:41:08 landru systemd[1]: Stopping Network Manager...
Apr 08 15:41:08 landru NetworkManager[2792]: <info> caught signal 15, shutti....
Apr 08 15:41:08 landru NetworkManager[2792]: <info> Writing DNS information ...f
Apr 08 15:41:08 landru systemd[1]: Stopped Network Manager.
Hint: Some lines were ellipsized, use -l to show in full.
kyle at landru ~ $ systemctl status | grep -A 1 NetworkManager.service
           ?   ? ??3623 grep --color=auto -A 1 NetworkManager.service
           ?   ??user at 2290.service
--
             ??NetworkManager.service
             ? ??2822 /usr/bin/dhcpcd -B -K -L -G -c
/usr/lib/networkmanager/nm-dhcp-client.action enp0s25
kyle at landru ~ $ sudo kill 2822
kyle at landru ~ $ systemctl status | grep -A 1 NetworkManager.service
           ?   ? ??3631 grep --color=auto -A 1 NetworkManager.service
           ?   ??user at 2290.service
kyle at landru ~ $ systemctl status NetworkManager.service
? NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled)
   Active: inactive (dead) since Tue 2014-04-08 15:41:08 PDT; 4min 25s ago
  Process: 2792 ExecStart=/usr/bin/NetworkManager --no-daemon (code=exited,
status=0/SUCCESS)
 Main PID: 2792 (code=exited, status=0/SUCCESS)

Apr 08 15:14:29 landru NetworkManager[2792]: <info> (enp0s25): IP6 addrconf ....
Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
Apr 08 15:41:08 landru systemd[1]: Stopping Network Manager...
Apr 08 15:41:08 landru NetworkManager[2792]: <info> caught signal 15, shutti....
Apr 08 15:41:08 landru NetworkManager[2792]: <info> Writing DNS information ...f
Apr 08 15:41:08 landru systemd[1]: Stopped Network Manager.
Apr 08 15:43:59 landru dhcpcd[2822]: received signal TERM from PID 3626, st...ng
Apr 08 15:43:59 landru dhcpcd[2822]: enp0s25: removing interface
Hint: Some lines were ellipsized, use -l to show in full.
kyle at landru ~ $ sudo systemctl start NetworkManager.service
kyle at landru ~ $

--Kyle

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140408/535897c5/attachment-0001.asc>

From gostrc at gmail.com  Wed Apr  9 01:27:58 2014
From: gostrc at gmail.com (Thomas Dziedzic)
Date: Tue, 8 Apr 2014 22:27:58 -0700
Subject: [arch-general] GHC 7.8.1 packaging decisions for Arch Linux
Message-ID: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>

Hello all,

With the arrival of ghc 7.8.1 [0], I would like to address the following
problems with a restructuring of how we treat haskell packages in archlinux:

Problem 1: Updating any haskell package has been delayed until we bump ghc.
Explanation: ghc is unable to produce a library that has a stable abi. In
other words, if a library gets rebuilt (even if it's the same exact
source), we will need to rebuild all package that depend on it, and this
would in turn a messy rebuild for any kind of rebuild.

Problem 2: Users are confused whether they should install packages from the
repos or using cabal-install. This in turn sometimes causes them to install
some packages from official repos, some from the aur, and some using
cabal-install
Explanation: Packages should ideally be installed from one place, either
using repos/aur or cabal-install. Said that, it is entirely possible to use
both repos/aur and cabal-install but for simplicity, one source is
preferred.

Problem 3: Our repos are unable to package every haskell package
Explanation: hackage has over 5000 haskell packages in it currently. There
is no way we will be able to support that many packages in our official
repos without some kind of automation. And even if it would be possible, it
would not necessarily be desirable. In addition, it is entirely possible to
have multiple versions of the same package installed at the same time.
Cabal has a very elaborate dependency solver in order to find versions that
will work for all package versions installed.

In addition, cabal-install 1.18 (the latest released) has added support for
sandboxes, meaning that when developing haskell programs, you are now able
to setup a sandbox environment that will only contain the haskell packages
you want.

I would like to propose the following changes to address the mentioned
problems and having the ability to use sandboxes to isolate development
environments.

Change 1: Move every haskell related package out of [extra] into
[community] except ghc and cabal-install. This includes the following 8
packages: haskell-http, haskell-mtl, haskell-network, haskell-parsec,
haskell-random, haskell-text, haskell-transformers, haskell-zlib
Explanation: These packages are only required to build cabal-install. Since
we converted the cabal-install package to use the bootstrap script that
comes with it, we no longer depend on these packages for anything in
[extra].

Change 2: Make a news item stating that cabal-install is now the
recommended way to install haskell packages. This wouldn't pollute the
filesystem since cabal-install installs packages to the ~/.cabal directory
by default. We might need to include a tip sheet about how you would handle
ghc updates since it requires extra user steps.

Change 3: Support users who are unable to install haskell packages that do
not compile under archlinux. This would require working with the user and
upstream to open up tickets and write patches for programs. At the very
least we can work with the user if they do not to open up upstream bug
reports and track them in our own bug tracker. There might be some packages
which we would probably consider unsupported like bindings to packages that
are not in the supported repos and packages that have no upstream activity
and ones that are effectively unmaintained.

Hopefully with the proposed changes, we can improve our user experience
with using official tools to maintain haskell packages.

I realize that some changes might be controversial especially change 3.
This is why I posted this here in order to discuss the possibilities. I
would also love to hear some opinions from vegai since he has some previous
experience package haskell and has had similar thoughts in the past. Also
if you're not a developer or trusted user, I would also like to hear your
opinion since it would affect you also.

Thanks for your time,
- Tom

[0] - https://github.com/ghc/ghc/releases/tag/ghc-7.8.1-release

From magnus at therning.org  Wed Apr  9 03:07:22 2014
From: magnus at therning.org (Magnus Therning)
Date: Wed, 9 Apr 2014 09:07:22 +0200
Subject: [arch-general] [aur-general] GHC 7.8.1 packaging decisions for
	Arch Linux
In-Reply-To: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
Message-ID: <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>

Tom,

I might come across as very critical below, but I'm really not.  As
you probably realise I've also thought a bit about related questions
and I'm just really interested in your thoughts and answers.

On Wed, Apr 9, 2014 at 7:27 AM, Thomas Dziedzic <gostrc at gmail.com> wrote:
> Hello all,
>
> With the arrival of ghc 7.8.1 [0], I would like to address the following
> problems with a restructuring of how we treat haskell packages in archlinux:
[...]
> Change 1: Move every haskell related package out of [extra] into
> [community] except ghc and cabal-install. This includes the following 8
> packages: haskell-http, haskell-mtl, haskell-network, haskell-parsec,
> haskell-random, haskell-text, haskell-transformers, haskell-zlib
> Explanation: These packages are only required to build cabal-install. Since
> we converted the cabal-install package to use the bootstrap script that
> comes with it, we no longer depend on these packages for anything in
> [extra].

I'm guessing this means cabal-install now is the only package outside
of [community] that uses ghc to build.  Is that right?

Is the plan then that any future tools (i.e. non-libraries)
implemented in Haskell would go into [community]?

<devil advocate>
There is nothing that say one HAS to wait for a ghc upgrade in order
to provide newer versions of Haskell packages.  As you point all
that's needed is a rebuild of all the packages that depend on the
upgraded one.  If that's messy it sounds like you are using bad tools
to handle upgrading.  Are you really suggesting ArchLinux abandon
packaging a whole class of software just because the tools are
inadequate?
</devils advocate>

> Change 2: Make a news item stating that cabal-install is now the
> recommended way to install haskell packages. This wouldn't pollute the
> filesystem since cabal-install installs packages to the ~/.cabal directory
> by default. We might need to include a tip sheet about how you would handle
> ghc updates since it requires extra user steps.

It should be noted that cabal-install isn't a package manager in the
true sense[1].  I'm not sure this is an argument against making the
change you propose, but it's worth noting.

There are quite a few other language/frameworks that have
language-specific build/package systems, Python, Ruby, Perl,
node.js...  Are Python developers on Arch pointed towards using pip to
install Python libs?

I think sometimes the right thing is to point users to another package
manager, e.g. packaging vim scripts for system wide installation is a
bit silly, since installing a vim script affects ALL users on the
system.  So doing that would require providing some sort of vim-script
manager to users.  Then there's very little difference compared to
just telling users to use Vundle/Pathogen/whatever directly instead.
However, this isn't the case for Haskell/GHC...

> Change 3: Support users who are unable to install haskell packages that do
> not compile under archlinux. This would require working with the user and
> upstream to open up tickets and write patches for programs. At the very
> least we can work with the user if they do not to open up upstream bug
> reports and track them in our own bug tracker. There might be some packages
> which we would probably consider unsupported like bindings to packages that
> are not in the supported repos and packages that have no upstream activity
> and ones that are effectively unmaintained.

How do you envision this actually working?
The set of packages in [extra]/[community] is rather small today, in
the order of 3 dozen, so does this mean that users are already turning
to the Arch devs when they are having problems compiling Haskell
packages?

/M

[1]: http://is.gd/vzse5G-


-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

From jelle at vdwaa.nl  Wed Apr  9 03:35:47 2014
From: jelle at vdwaa.nl (Jelle van der Waa)
Date: Wed, 9 Apr 2014 09:35:47 +0200
Subject: [arch-general] [aur-general] GHC 7.8.1 packaging decisions for
 Arch Linux
In-Reply-To: <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
Message-ID: <CABZerzzSPso9vwt18nXGj+e2HCSQSpCKO==Nd1gPfDFkG4MT+g@mail.gmail.com>

On Wed, Apr 9, 2014 at 9:07 AM, Magnus Therning <magnus at therning.org> wrote:

> Tom,
>
> I might come across as very critical below, but I'm really not.  As
> you probably realise I've also thought a bit about related questions
> and I'm just really interested in your thoughts and answers.
>
> On Wed, Apr 9, 2014 at 7:27 AM, Thomas Dziedzic <gostrc at gmail.com> wrote:
> > Hello all,
> >
> > With the arrival of ghc 7.8.1 [0], I would like to address the following
> > problems with a restructuring of how we treat haskell packages in
> archlinux:
> [...]
> > Change 1: Move every haskell related package out of [extra] into
> > [community] except ghc and cabal-install. This includes the following 8
> > packages: haskell-http, haskell-mtl, haskell-network, haskell-parsec,
> > haskell-random, haskell-text, haskell-transformers, haskell-zlib
> > Explanation: These packages are only required to build cabal-install.
> Since
> > we converted the cabal-install package to use the bootstrap script that
> > comes with it, we no longer depend on these packages for anything in
> > [extra].
>
> I'm guessing this means cabal-install now is the only package outside
> of [community] that uses ghc to build.  Is that right?
>
> Is the plan then that any future tools (i.e. non-libraries)
> implemented in Haskell would go into [community]?
>
> I would like to keep XMonad/XMobar in [community] it does seem to take up
a big chunk of the haskell-* packages we have in our repos. But I've never
ran into real big issues packaging haskell libraries, one minor issue is
that the developers tend to oversplit packages for example
haskell-data-default-* . This really makes packaging haskell libraries
annoying.

It should be noted that cabal-install isn't a package manager in the
> true sense[1].  I'm not sure this is an argument against making the
> change you propose, but it's worth noting.
>
> There are quite a few other language/frameworks that have
> language-specific build/package systems, Python, Ruby, Perl,
> node.js...  Are Python developers on Arch pointed towards using pip to
> install Python libs?
>
> I think sometimes the right thing is to point users to another package
> manager, e.g. packaging vim scripts for system wide installation is a
> bit silly, since installing a vim script affects ALL users on the
> system.  So doing that would require providing some sort of vim-script
> manager to users.  Then there's very little difference compared to
> just telling users to use Vundle/Pathogen/whatever directly instead.
> However, this isn't the case for Haskell/GHC...
>
> I would prefer that we don't package vim plugins or firefox extensions.
Firefox has it's own extension manager and vim has a lot of solutions which
work better then pacman.

> Change 3: Support users who are unable to install haskell packages that do
> > not compile under archlinux. This would require working with the user and
> > upstream to open up tickets and write patches for programs. At the very
> > least we can work with the user if they do not to open up upstream bug
> > reports and track them in our own bug tracker. There might be some
> packages
> > which we would probably consider unsupported like bindings to packages
> that
> > are not in the supported repos and packages that have no upstream
> activity
> > and ones that are effectively unmaintained.
>
> How do you envision this actually working?
> The set of packages in [extra]/[community] is rather small today, in
> the order of 3 dozen, so does this mean that users are already turning
> to the Arch devs when they are having problems compiling Haskell
> packages?
>
> How many haskell developers actually use our packages in the repos/aur
rather then using caba-install?

-- 
Jelle van der Waa

From maykeldebian at gmail.com  Wed Apr  9 04:22:00 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Wed, 9 Apr 2014 10:22:00 +0200
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
	service
In-Reply-To: <5344846F.1010803@gmail.com>
References: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
 <5344846F.1010803@gmail.com>
Message-ID: <CAJ2aOA_hw=WLszB2zG=rp_7CHTXmiq0M0Xk=P4=0QoBDJHf7BA@mail.gmail.com>

2014-04-09 1:21 GMT+02:00 Kyle Terrien <kyleterrien at gmail.com>:
> On 04/08/2014 04:31 AM, Maykel Franco wrote:
>> Hi, I change for example dns in networkmanager, when restart
>> NetworkManager , "systemctl restart NetworkManager" the network not
>> works...
>>
>> ...
>>
>> I have reboot my computer for network on again.
>>
>> Is a bug networkmanager?
>>
>> The version is:
>>
>> maykel-arch /home/maykel # NetworkManager --version
>> 0.9.8.8
>>
>> Thanks in advanced.
>>
>
> Network goes down because NetworkManager leaves dhcpcd running. In fact
> my network remains up after running "systemctl stop
> NetworkManager.service" because dhcpcd is left managing enp0s25.
>
> If NetworkManager sees dhcpcd managing an interface when NetworkManager
> starts up, NetworkManager does funny things.
>
> So, why does "systemctl stop NetworkManager.service" leave dhcpcd
> running?
>
> The workaround:
>
> sudo systemctl stop NetworkManager.service
> sudo killall dhcpcd
> sudo systemctl start NetworkManager.service
>
> Here is a shell session where I (effectively) do the above:
>
> kyle at landru ~ $ sudo systemctl stop NetworkManager.service
> [sudo] password for kyle:
> kyle at landru ~ $ systemctl status NetworkManager.service
> ? NetworkManager.service - Network Manager
>    Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled)
>    Active: inactive (dead) since Tue 2014-04-08 15:41:08 PDT; 8s ago
>   Process: 2792 ExecStart=/usr/bin/NetworkManager --no-daemon (code=exited,
> status=0/SUCCESS)
>  Main PID: 2792 (code=exited, status=0/SUCCESS)
>
> Apr 08 15:14:14 landru NetworkManager[2792]: <info> Activation (enp0s25) suc....
> Apr 08 15:14:21 landru dhcpcd[2822]: enp0s25: no IPv6 Routers available
> Apr 08 15:14:29 landru NetworkManager[2792]: <info> (enp0s25): IP6 addrconf ....
> Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
> Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
> Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
> Apr 08 15:41:08 landru systemd[1]: Stopping Network Manager...
> Apr 08 15:41:08 landru NetworkManager[2792]: <info> caught signal 15, shutti....
> Apr 08 15:41:08 landru NetworkManager[2792]: <info> Writing DNS information ...f
> Apr 08 15:41:08 landru systemd[1]: Stopped Network Manager.
> Hint: Some lines were ellipsized, use -l to show in full.
> kyle at landru ~ $ systemctl status | grep -A 1 NetworkManager.service
>            ?   ? ??3623 grep --color=auto -A 1 NetworkManager.service
>            ?   ??user at 2290.service
> --
>              ??NetworkManager.service
>              ? ??2822 /usr/bin/dhcpcd -B -K -L -G -c
> /usr/lib/networkmanager/nm-dhcp-client.action enp0s25
> kyle at landru ~ $ sudo kill 2822
> kyle at landru ~ $ systemctl status | grep -A 1 NetworkManager.service
>            ?   ? ??3631 grep --color=auto -A 1 NetworkManager.service
>            ?   ??user at 2290.service
> kyle at landru ~ $ systemctl status NetworkManager.service
> ? NetworkManager.service - Network Manager
>    Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled)
>    Active: inactive (dead) since Tue 2014-04-08 15:41:08 PDT; 4min 25s ago
>   Process: 2792 ExecStart=/usr/bin/NetworkManager --no-daemon (code=exited,
> status=0/SUCCESS)
>  Main PID: 2792 (code=exited, status=0/SUCCESS)
>
> Apr 08 15:14:29 landru NetworkManager[2792]: <info> (enp0s25): IP6 addrconf ....
> Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
> Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
> Apr 08 15:14:29 landru NetworkManager[2792]: <info> Activation (enp0s25) Sta....
> Apr 08 15:41:08 landru systemd[1]: Stopping Network Manager...
> Apr 08 15:41:08 landru NetworkManager[2792]: <info> caught signal 15, shutti....
> Apr 08 15:41:08 landru NetworkManager[2792]: <info> Writing DNS information ...f
> Apr 08 15:41:08 landru systemd[1]: Stopped Network Manager.
> Apr 08 15:43:59 landru dhcpcd[2822]: received signal TERM from PID 3626, st...ng
> Apr 08 15:43:59 landru dhcpcd[2822]: enp0s25: removing interface
> Hint: Some lines were ellipsized, use -l to show in full.
> kyle at landru ~ $ sudo systemctl start NetworkManager.service
> kyle at landru ~ $
>
> --Kyle
>

Thanks for all. You're right. When stop NetworkManager, leave dhcpcd running:

maykel-arch /home/maykel/ :( # systemctl stop NetworkManager
maykel-arch /home/maykel/ # ps aux | grep dhcpcd
root      8465  0.0  0.0   8648  1012 ?        S    10:14   0:00
/usr/bin/dhcpcd -B -K -L -G -c
/usr/lib/networkmanager/nm-dhcp-client.action enp4s0f2
root      8562  0.0  0.0  10924  1100 pts/1    S+   10:17   0:00 grep
--color=auto dhcpcd

All ok and it works but...Why in Debian, Ubuntu, Opensuse, for
example, when restart the networkma nager, I do not need to kill the
process networkmanager. Smooth network is well restart.

Thanks for all.

From jan.steffens at gmail.com  Wed Apr  9 04:30:54 2014
From: jan.steffens at gmail.com (Jan Alexander Steffens)
Date: Wed, 9 Apr 2014 10:30:54 +0200
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
	service
In-Reply-To: <CAJ2aOA_hw=WLszB2zG=rp_7CHTXmiq0M0Xk=P4=0QoBDJHf7BA@mail.gmail.com>
References: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
 <5344846F.1010803@gmail.com>
 <CAJ2aOA_hw=WLszB2zG=rp_7CHTXmiq0M0Xk=P4=0QoBDJHf7BA@mail.gmail.com>
Message-ID: <CAMQ-g0efiF1UgzNtspEjGmZ2-da42mXtvs5qew8TwMpZoROsmQ@mail.gmail.com>

On Wed, Apr 9, 2014 at 10:22 AM, Maykel Franco <maykeldebian at gmail.com> wrote:
> All ok and it works but...Why in Debian, Ubuntu, Opensuse, for
> example, when restart the networkma nager, I do not need to kill the
> process networkmanager. Smooth network is well restart.
>
> Thanks for all.

Please try installing dhclient. It's NetworkManager's preferred DHCP client.

From maykeldebian at gmail.com  Wed Apr  9 04:39:40 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Wed, 9 Apr 2014 10:39:40 +0200
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
	service
In-Reply-To: <CAMQ-g0efiF1UgzNtspEjGmZ2-da42mXtvs5qew8TwMpZoROsmQ@mail.gmail.com>
References: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
 <5344846F.1010803@gmail.com>
 <CAJ2aOA_hw=WLszB2zG=rp_7CHTXmiq0M0Xk=P4=0QoBDJHf7BA@mail.gmail.com>
 <CAMQ-g0efiF1UgzNtspEjGmZ2-da42mXtvs5qew8TwMpZoROsmQ@mail.gmail.com>
Message-ID: <CAJ2aOA_i7wHEzrjv+O70O=Oz3h_jQ_Jfag_tQLAs2VbcuwUgCg@mail.gmail.com>

2014-04-09 10:30 GMT+02:00 Jan Alexander Steffens <jan.steffens at gmail.com>:
> On Wed, Apr 9, 2014 at 10:22 AM, Maykel Franco <maykeldebian at gmail.com> wrote:
>> All ok and it works but...Why in Debian, Ubuntu, Opensuse, for
>> example, when restart the networkma nager, I do not need to kill the
>> process networkmanager. Smooth network is well restart.
>>
>> Thanks for all.
>
> Please try installing dhclient. It's NetworkManager's preferred DHCP client.

OK, but I uninstall dhcpcd?  I have to do something to use dhclient
networkmanager?

Thanks.

From jan.steffens at gmail.com  Wed Apr  9 04:55:28 2014
From: jan.steffens at gmail.com (Jan Alexander Steffens)
Date: Wed, 9 Apr 2014 10:55:28 +0200
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
	service
In-Reply-To: <CAJ2aOA_i7wHEzrjv+O70O=Oz3h_jQ_Jfag_tQLAs2VbcuwUgCg@mail.gmail.com>
References: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
 <5344846F.1010803@gmail.com>
 <CAJ2aOA_hw=WLszB2zG=rp_7CHTXmiq0M0Xk=P4=0QoBDJHf7BA@mail.gmail.com>
 <CAMQ-g0efiF1UgzNtspEjGmZ2-da42mXtvs5qew8TwMpZoROsmQ@mail.gmail.com>
 <CAJ2aOA_i7wHEzrjv+O70O=Oz3h_jQ_Jfag_tQLAs2VbcuwUgCg@mail.gmail.com>
Message-ID: <CAMQ-g0cRP_RhQV0ik4G_jLNH-TKg-uFiV3m86sTVifo_hcVD5g@mail.gmail.com>

On Wed, Apr 9, 2014 at 10:39 AM, Maykel Franco <maykeldebian at gmail.com> wrote:
> OK, but I uninstall dhcpcd?  I have to do something to use dhclient
> networkmanager?

No, just reboot or restart NetworkManager (cleaning up dhcpcd if needed).

From mysatyre at gmail.com  Wed Apr  9 04:56:34 2014
From: mysatyre at gmail.com (=?UTF-8?Q?Martti_K=C3=BChne?=)
Date: Wed, 9 Apr 2014 10:56:34 +0200
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
	service
In-Reply-To: <CAJ2aOA_i7wHEzrjv+O70O=Oz3h_jQ_Jfag_tQLAs2VbcuwUgCg@mail.gmail.com>
References: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
 <5344846F.1010803@gmail.com>
 <CAJ2aOA_hw=WLszB2zG=rp_7CHTXmiq0M0Xk=P4=0QoBDJHf7BA@mail.gmail.com>
 <CAMQ-g0efiF1UgzNtspEjGmZ2-da42mXtvs5qew8TwMpZoROsmQ@mail.gmail.com>
 <CAJ2aOA_i7wHEzrjv+O70O=Oz3h_jQ_Jfag_tQLAs2VbcuwUgCg@mail.gmail.com>
Message-ID: <CAONKL1BUXiUHRAR5zKpKO_JGL_5QwcXnHA2NMgEK2A4+ZN0yMg@mail.gmail.com>

On Wed, Apr 9, 2014 at 10:39 AM, Maykel Franco <maykeldebian at gmail.com> wrote:
>
> OK, but I uninstall dhcpcd?  I have to do something to use dhclient
> networkmanager?
>

you can explicitly configure the client to be used, as stated in [0].

cheers!
mar77i

[0] http://manpages.ubuntu.com/manpages/natty/man5/NetworkManager.conf.5.html

From maykeldebian at gmail.com  Wed Apr  9 05:43:52 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Wed, 9 Apr 2014 11:43:52 +0200
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
	service
In-Reply-To: <CAONKL1BUXiUHRAR5zKpKO_JGL_5QwcXnHA2NMgEK2A4+ZN0yMg@mail.gmail.com>
References: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
 <5344846F.1010803@gmail.com>
 <CAJ2aOA_hw=WLszB2zG=rp_7CHTXmiq0M0Xk=P4=0QoBDJHf7BA@mail.gmail.com>
 <CAMQ-g0efiF1UgzNtspEjGmZ2-da42mXtvs5qew8TwMpZoROsmQ@mail.gmail.com>
 <CAJ2aOA_i7wHEzrjv+O70O=Oz3h_jQ_Jfag_tQLAs2VbcuwUgCg@mail.gmail.com>
 <CAONKL1BUXiUHRAR5zKpKO_JGL_5QwcXnHA2NMgEK2A4+ZN0yMg@mail.gmail.com>
Message-ID: <CAJ2aOA86p6RMiZMMye5xvF43dTGFN+0Wex_ArZ4d0SO7V7vYHg@mail.gmail.com>

2014-04-09 10:56 GMT+02:00 Martti K?hne <mysatyre at gmail.com>:
> On Wed, Apr 9, 2014 at 10:39 AM, Maykel Franco <maykeldebian at gmail.com> wrote:
>>
>> OK, but I uninstall dhcpcd?  I have to do something to use dhclient
>> networkmanager?
>>
>
> you can explicitly configure the client to be used, as stated in [0].
>
> cheers!
> mar77i
>
> [0] http://manpages.ubuntu.com/manpages/natty/man5/NetworkManager.conf.5.html

Now It works only systemctl restart NetworkManager. Many thanks!!!

I love arch, is fastest and the packages is latest...Sorry for my english.

From maykeldebian at gmail.com  Wed Apr  9 08:07:43 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Wed, 9 Apr 2014 14:07:43 +0200
Subject: [arch-general] Problem cups printing with CANON-LBP7750cdn
Message-ID: <CAJ2aOA8Kwy5qkTMCz4Er4fdcLC6c44imiZefo7+T00yMMTEXZw@mail.gmail.com>

Hi, I configurated printer with cups web interface. Check printer with
command line in arch:

maykel-arch /home/maykel/Descargas :( # lpinfo -v
file cups-pdf:/
network lpd
network https
network http
network socket
network ipps
network ipp
network smb
network socket://10.1.0.5


maykel-arch /home/maykel/Descargas :( # lpinfo -m |  grep -i canon | grep 7750
lsb/usr/canon/cel-lbp7750c-pcl-en.ppd.gz Canon LBP7750C PCL
lsb/usr/canon/cel-lbp7750c-ps-en.ppd.gz Canon LBP7750C PS
lsb/usr/canon/cel-lbp7750c-pxl-en.ppd.gz Canon LBP7750C PXL
CNCUPSLBP7750CZK.ppd Canon LBP7750C/5460 UFR II ver.2.8  *** USED
lsb/usr/CNCUPSLBP7750CZK.ppd Canon LBP7750C/5460 UFR II ver.2.8


maykel-arch /home/maykel/Descargas # LC_ALL=C lpstat -s
system default destination: Canon-LBP7750C-5460
device for Canon-LBP7750C-5460: socket://10.1.0.5:9100


maykel-arch /home/maykel/Descargas # LANG=C lpstat -p Canon-LBP7750C-5460
printer Canon-LBP7750C-5460 is idle.  enabled since Wed Apr  9 13:50:55 2014
Waiting finished printer


The problem is when I go to the printing, the file not printing but
the document appear in the queue printer...And in my
http://localhost:631 appear the document in progress but never
printer...

My printer has web administracion and I see the document in queue.

Can I help me please?

Thanks in advanced.

From imntreal at gmail.com  Wed Apr  9 13:32:37 2014
From: imntreal at gmail.com (Jameson)
Date: Wed, 9 Apr 2014 13:32:37 -0400
Subject: [arch-general] My Apache Sever Compromised?
In-Reply-To: <533ABF7D.5000608@gmail.com>
References: <CAHtGYf9UcxaotjaNsXx=6tF3z_14hqvzbWaBhzDRsZzLKnHkgA@mail.gmail.com>
 <CABNG1c02bGxWqd5-L+sjf9d852zT-QLSWSNeM0wb4j5d_Gr_CQ@mail.gmail.com>
 <533ABF7D.5000608@gmail.com>
Message-ID: <CAHtGYf9ce9u9Pck=d_zpWx8z9hKhzcotAo7K0_uuiPB118GRyg@mail.gmail.com>

On Tue, Apr 1, 2014 at 9:30 AM, Nowaker <enwukaer at gmail.com> wrote:
>
>>> 199.83.93.35 - - [29/Mar/2014:22:04:54 -0400]
>>> "GET http://ro2.biz/pixel.png HTTP/1.0" 200 151
>
>
>> But the most interesting part is that your apache is replying with "200",
>> that is OK!
>
>
> Nice catch! It's certainly a proxy.

Thanks for everyone's help with this. I did in fact have ProxyRequests
set to On thinking it was needed for reverse proxies as well, and have
turned it off. Now, when I open up port 80, it looks like they're
still trying, but I'm replying with 404. Is that what it should be
doing? I probably also need to make sure I have some throttling setup
in case this is too much for my Internet connection.

From admin at progandy.de  Wed Apr  9 13:38:37 2014
From: admin at progandy.de (ProgAndy)
Date: Wed, 09 Apr 2014 19:38:37 +0200
Subject: [arch-general] My Apache Sever Compromised?
In-Reply-To: <CAHtGYf9ce9u9Pck=d_zpWx8z9hKhzcotAo7K0_uuiPB118GRyg@mail.gmail.com>
References: <CAHtGYf9UcxaotjaNsXx=6tF3z_14hqvzbWaBhzDRsZzLKnHkgA@mail.gmail.com>
 <CABNG1c02bGxWqd5-L+sjf9d852zT-QLSWSNeM0wb4j5d_Gr_CQ@mail.gmail.com>
 <533ABF7D.5000608@gmail.com>
 <CAHtGYf9ce9u9Pck=d_zpWx8z9hKhzcotAo7K0_uuiPB118GRyg@mail.gmail.com>
Message-ID: <5345859D.5080505@progandy.de>

Am 09.04.2014 19:32, schrieb Jameson:
> On Tue, Apr 1, 2014 at 9:30 AM, Nowaker <enwukaer at gmail.com> wrote:
>>>> 199.83.93.35 - - [29/Mar/2014:22:04:54 -0400]
>>>> "GET http://ro2.biz/pixel.png HTTP/1.0" 200 151
>>
>>> But the most interesting part is that your apache is replying with "200",
>>> that is OK!
>>
>> Nice catch! It's certainly a proxy.
> Thanks for everyone's help with this. I did in fact have ProxyRequests
> set to On thinking it was needed for reverse proxies as well, and have
> turned it off. Now, when I open up port 80, it looks like they're
> still trying, but I'm replying with 404. Is that what it should be
> doing? I probably also need to make sure I have some throttling setup
> in case this is too much for my Internet connection.
If you know the IP addresses (or address-ranges) you use to connect to 
your server, I suggest you block everything else for the time being with 
an iptables rule.

From geralt at gmail.com  Wed Apr  9 13:52:28 2014
From: geralt at gmail.com (geralt at gmail.com)
Date: Wed, 9 Apr 2014 19:52:28 +0200
Subject: [arch-general] My Apache Sever Compromised?
In-Reply-To: <5345859D.5080505@progandy.de>
References: <CAHtGYf9UcxaotjaNsXx=6tF3z_14hqvzbWaBhzDRsZzLKnHkgA@mail.gmail.com>
 <CABNG1c02bGxWqd5-L+sjf9d852zT-QLSWSNeM0wb4j5d_Gr_CQ@mail.gmail.com>
 <533ABF7D.5000608@gmail.com>
 <CAHtGYf9ce9u9Pck=d_zpWx8z9hKhzcotAo7K0_uuiPB118GRyg@mail.gmail.com>
 <5345859D.5080505@progandy.de>
Message-ID: <CAN=JGOCBfC5s2sCdy_wWgA=Cn01NHKZr5FJ3_eL3fLJVVqLQ6A@mail.gmail.com>

On Wed, Apr 9, 2014 at 7:38 PM, ProgAndy <admin at progandy.de> wrote:

> Am 09.04.2014 19:32, schrieb Jameson:
>
>  On Tue, Apr 1, 2014 at 9:30 AM, Nowaker <enwukaer at gmail.com> wrote:
>>
>>> 199.83.93.35 - - [29/Mar/2014:22:04:54 -0400]
>>>>> "GET http://ro2.biz/pixel.png HTTP/1.0" 200 151
>>>>>
>>>>
>>>  But the most interesting part is that your apache is replying with
>>>> "200",
>>>> that is OK!
>>>>
>>>
>>> Nice catch! It's certainly a proxy.
>>>
>> Thanks for everyone's help with this. I did in fact have ProxyRequests
>> set to On thinking it was needed for reverse proxies as well, and have
>> turned it off. Now, when I open up port 80, it looks like they're
>> still trying, but I'm replying with 404. Is that what it should be
>> doing? I probably also need to make sure I have some throttling setup
>> in case this is too much for my Internet connection.
>>
> If you know the IP addresses (or address-ranges) you use to connect to
> your server, I suggest you block everything else for the time being with an
> iptables rule.
>

fail2ban can do that automatically for you, with some work configuring it.

In general I think it's better not to send a 404 when someone is obviously
trying to abuse your servers, that tells the bad guys that there is a web
server listening there and may leak some information about your setup. It's
better to block them at the firewall level, which costs you less server
resources. I'd sugest that the firewall is configured to deny (that is,
just drop their packets) instead of reject (which sends a rejection packet
which, again, gives the bad guys more information than strictly necessary).

From lisaev at umail.iu.edu  Wed Apr  9 15:07:52 2014
From: lisaev at umail.iu.edu (Leonid Isaev)
Date: Wed, 9 Apr 2014 14:07:52 -0500
Subject: [arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f
In-Reply-To: <CAFd36Bi2dmo0ZBv4_tt_uCQy_Se1EYMhOf16pQuP9WtrBTwD9g@mail.gmail.com>
References: <534415C7.1030805@googlemail.com>
 <dc7880f8e7318c1578bc96885e99cb10@archlinux.de>
 <CAOMFOmV2TzhZ0zyPuP+F0+FUcChvJaNn-mMBegDJpyjdFMsMSA@mail.gmail.com>
 <CAFd36Bi2dmo0ZBv4_tt_uCQy_Se1EYMhOf16pQuP9WtrBTwD9g@mail.gmail.com>
Message-ID: <20140409140752.1496627c@bluemoon>

[ I had to reconstruct the message from the online archive -- sorry if message
  ID is screwed ]

On Tue, 8 Apr 2014 17:54:14 +0100
adys.wh at gmail.com (Jerome Leclanche) wrote:

> Slightly OT but for those interested, I added the heartbleed utility
> (used by the heartbleed checker site) to the AUR:
> https://aur.archlinux.org/packages/heartbleed-git/
> 
> % heartbleed mediacru.sh:443
> 2014/04/08 17:53:57 mediacru.sh:443 - SAFE
> J. Leclanche

One should probably make clear that openssh servers/clients are _not_
affected because ssh does not use TLS:
http://serverfault.com/questions/587433/heartbleed-are-services-other-than-https-affected .

-- 
Leonid Isaev
GPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140409/d8a9491f/attachment.asc>

From thomas at archlinux.org  Wed Apr  9 15:36:06 2014
From: thomas at archlinux.org (=?ISO-8859-15?Q?Thomas_B=E4chler?=)
Date: Wed, 09 Apr 2014 21:36:06 +0200
Subject: [arch-general] Linux 3.14-4 to [core]
Message-ID: <5345A126.80807@archlinux.org>

I am currently uploading Linux 3.14-4 to [testing]. Once signoffs are
done, I am planning to move this version to [core].

I'll also move util-linux and coreutils with it.

There were no major new bugs I can remember that we didn't fix, so
things should be pretty smooth.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140409/6a1390db/attachment.asc>

From gostrc at gmail.com  Wed Apr  9 22:58:21 2014
From: gostrc at gmail.com (Thomas Dziedzic)
Date: Wed, 9 Apr 2014 19:58:21 -0700
Subject: [arch-general] [aur-general] GHC 7.8.1 packaging decisions for
	Arch Linux
In-Reply-To: <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
Message-ID: <CANFDciENMbxXMEZW-rz2Ptrm_gvCAFg5LJKg6K9T=i3fYHtCNA@mail.gmail.com>

On Wed, Apr 9, 2014 at 12:07 AM, Magnus Therning <magnus at therning.org>wrote:
>
> I'm guessing this means cabal-install now is the only package outside
> of [community] that uses ghc to build.  Is that right?
>

That would be correct.


> Is the plan then that any future tools (i.e. non-libraries)
> implemented in Haskell would go into [community]?


This would also be correct. I believe that most people who use packages in
our supported repos don't actually use the haskell libraries themselves,
but rather the tools that depend on them. (e.g. xmonad)
I am not against keeping these tools around and their dependencies if
someone wants to maintain them, but I personally have no interest in
maintaining them myself.


> <devil advocate>
> There is nothing that say one HAS to wait for a ghc upgrade in order
> to provide newer versions of Haskell packages.  As you point all
> that's needed is a rebuild of all the packages that depend on the
> upgraded one.  If that's messy it sounds like you are using bad tools
> to handle upgrading.  Are you really suggesting ArchLinux abandon
> packaging a whole class of software just because the tools are
> inadequate?
> </devils advocate>


I am aware that the way we are packaging haskell packages is non optimal
and could be automated away.
I already have a tool that automates the rebuild of [extra] packages, but
since I don't/want to maintain any packages that aren't dependencies of
cabal-install, I haven't looked into automating those builds.
I don't want to focus solely on this point though because I just felt like
I should make people aware of this problem.
This isn't the only reason why I want to move away from haskell packages in
pacman.

It should be noted that cabal-install isn't a package manager in the
> true sense[1].  I'm not sure this is an argument against making the
> change you propose, but it's worth noting.
>

I agree. Cabal does lack even basic features that other people would expect
from a package manager.
For example, upgrades, removal. Although there are ways to have the same
effect as upgrading since you can have multiple versions of the same
package installed, you could just install the same package after a cabal
update.
That's why I suggested writing up a tip sheet on basic cabal usage for
people who aren't as used to cabal as others.


> There are quite a few other language/frameworks that have
> language-specific build/package systems, Python, Ruby, Perl,
> node.js...  Are Python developers on Arch pointed towards using pip to
> install Python libs?
>

I think that the languages you mentioned could be split up into 2
categories.
Python and Perl have a large number of interested developers and trusted
users maintaining those packages.
Python has over 700 packages, and Perl has over 500 packages and so, there
is a lot of interest in those languages.
On the other hand, you have Haskell, Ruby, and Node.Js where they have a
smaller following.
Haskell has about 90 packages (including i686/x86_64), Ruby has about 60,
and Node.Js has approximately none.
The popular languages have a critical mass which I believe lets people get
away with using the pacman package manager.
So for languages like python and perl, it might make sense to use pacman.
But for languages like haskell, ruby, and node.js I believe using the
system package manager leaves a lot to be desired.


> How do you envision this actually working?
>

I would like to officially announce that there are 2 paths of maintaining
haskell packages on your system.
One would be using cabal-install and I would encourage users to try using
it.
The other would be to use whatever is in the supported repositories.
I would also like to officially announce that one or the other is
supported, but they should be mutually exclusive.


> The set of packages in [extra]/[community] is rather small today, in
> the order of 3 dozen, so does this mean that users are already turning
> to the Arch devs when they are having problems compiling Haskell
> packages?


No. I believe that most users actually know what the correct path is.
I just want to make it officially announced rather than having any
potential confusion on which path to take and which paths are supported.

From gostrc at gmail.com  Wed Apr  9 23:12:12 2014
From: gostrc at gmail.com (Thomas Dziedzic)
Date: Wed, 9 Apr 2014 20:12:12 -0700
Subject: [arch-general] [arch-dev-public] [aur-general] GHC 7.8.1
 packaging decisions for Arch Linux
In-Reply-To: <CABZerzzSPso9vwt18nXGj+e2HCSQSpCKO==Nd1gPfDFkG4MT+g@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
 <CABZerzzSPso9vwt18nXGj+e2HCSQSpCKO==Nd1gPfDFkG4MT+g@mail.gmail.com>
Message-ID: <CANFDciH=V+4hbCpaEb1qsSNnuiv_N-TPbHaKaVn6wvrN7qUp5A@mail.gmail.com>

On Wed, Apr 9, 2014 at 12:35 AM, Jelle van der Waa <jelle at vdwaa.nl> wrote:
>
> > I would like to keep XMonad/XMobar in [community] it does seem to take up
> a big chunk of the haskell-* packages we have in our repos. But I've never
> ran into real big issues packaging haskell libraries, one minor issue is
> that the developers tend to oversplit packages for example
> haskell-data-default-* . This really makes packaging haskell libraries
> annoying.


I don't want to prevent people from maintaining haskell packages in
supported repos.
I just want to make cabal-install a path with which people don't have to
think twice about.

> I would prefer that we don't package vim plugins or firefox extensions.
> Firefox has it's own extension manager and vim has a lot of solutions which
> work better then pacman


I also share this belief about haskell.
Both pacman and cabal-install have their own pros and cons, but for my
personally, I find that cabal-install has more benefit to me personally for
haskell packages.


> > How many haskell developers actually use our packages in the repos/aur
> rather then using caba-install?


I can only speak from personal experience, but I have used cabal-install
exclusively for a couple of years now not just for development but for also
installing tools like xmonad.
My guess is that given the limited supply of packages in our repos, I can
guestimate 0 use it for development but there might be a lot of users that
actually use the haskell tools like xmonad.

From danielmicay at gmail.com  Wed Apr  9 23:21:45 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Wed, 09 Apr 2014 23:21:45 -0400
Subject: [arch-general] [arch-dev-public] [aur-general] GHC 7.8.1
 packaging decisions for Arch Linux
In-Reply-To: <53460C3B.7040208@archlinux.org>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
 <CANFDciENMbxXMEZW-rz2Ptrm_gvCAFg5LJKg6K9T=i3fYHtCNA@mail.gmail.com>
 <53460C3B.7040208@archlinux.org>
Message-ID: <53460E49.2030208@gmail.com>

On 09/04/14 11:12 PM, Allan McRae wrote:
> On 10/04/14 12:58, Thomas Dziedzic wrote:
>> On Wed, Apr 9, 2014 at 12:07 AM, Magnus Therning <magnus at therning.org>wrote:
>>>>
>>>> I'm guessing this means cabal-install now is the only package outside
>>>> of [community] that uses ghc to build.  Is that right?
>>>>
>> That would be correct.
>>
>>
>>>> Is the plan then that any future tools (i.e. non-libraries)
>>>> implemented in Haskell would go into [community]?
>>
>> This would also be correct. I believe that most people who use packages in
>> our supported repos don't actually use the haskell libraries themselves,
>> but rather the tools that depend on them. (e.g. xmonad)
>> I am not against keeping these tools around and their dependencies if
>> someone wants to maintain them, but I personally have no interest in
>> maintaining them myself.
> 
> I am fine with this decision.  Although I think it better to use a
> system package manager if at all possible, I do recognise that this
> takes man power that we do not have for haskell.  People still have the
> option of using the AUR over cabal-install if they want to use the
> package manager (or system wide installs - is cabal-install a per user
> thing?)
> 
> <aside>
> In my ideal situation, we would have a team of people for each of the
> "major" programming languages who would determine packaging policy and
> provide packages for many of the libraries for that language.  Sort of
> like how we have multiple people who deal with KDE and GNOME updates.
> With a team based setup, it would be easier to have more junior people
> brought on to help.
> </aside>
> 
> Now that aside is finished, what is the deal with that arch-haskell
> group?  Is it still going?  Would they want to provide packages
> officially instead?

It's definitely still active. They seem to have all the necessary
automation worked out. AFAICT they do an automated conversion from the
cabal files and maintain a set of patches for adding external
dependencies, etc.

https://github.com/archhaskell

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140409/03f373dc/attachment.asc>

From kevin at archlinuxarm.org  Thu Apr 10 00:23:31 2014
From: kevin at archlinuxarm.org (Kevin Mihelich)
Date: Wed, 9 Apr 2014 22:23:31 -0600
Subject: [arch-general] svntogit stuck
In-Reply-To: <CA+CzEk-arzxBC2=QZuZrfydxG8PJAqjp3Pc+OQwQou-PbYNFrg@mail.gmail.com>
References: <53357929.108@email.com> <53357A67.7000609@archlinux.org>
 <CA+CzEk-arzxBC2=QZuZrfydxG8PJAqjp3Pc+OQwQou-PbYNFrg@mail.gmail.com>
Message-ID: <CAHzwTAy7aSTii83VczBZmeCcL57VN2RiXrek=dWvLLrkkaBr0A@mail.gmail.com>

Both packages.git and community.git appear to be stuck again, with no
updates for the past day.


On Fri, Mar 28, 2014 at 2:14 PM, Joel Teichroeb <joel at teichroeb.net> wrote:

> packages.git looks fine to me now, but community.git is still stuck.
>

From gostrc at gmail.com  Thu Apr 10 00:39:13 2014
From: gostrc at gmail.com (Thomas Dziedzic)
Date: Wed, 9 Apr 2014 21:39:13 -0700
Subject: [arch-general] [arch-dev-public] [aur-general] GHC 7.8.1
 packaging decisions for Arch Linux
In-Reply-To: <53460C3B.7040208@archlinux.org>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
 <CANFDciENMbxXMEZW-rz2Ptrm_gvCAFg5LJKg6K9T=i3fYHtCNA@mail.gmail.com>
 <53460C3B.7040208@archlinux.org>
Message-ID: <CANFDciFRybCPBhrr1NTJR0eAWy80Xamw4e5PprMvgnqBRxpcWw@mail.gmail.com>

On Wed, Apr 9, 2014 at 8:12 PM, Allan McRae <allan at archlinux.org> wrote:
>
> Now that aside is finished, what is the deal with that arch-haskell
> group?  Is it still going?  Would they want to provide packages
> officially instead?


I wouldn't actually be opposed to this idea.

A lot of effort is duplicated with regards to Archlinux's official haskell
packages and Arch-Haskell's packages.

We could try to work out something between the existing haskell package
maintainers and arch-haskell maintainers.

It might lead to a possibly better overall haskell experience on archlinux.

Arch-haskell could maintain official haskell packages using pacman.
I (and anyone interested) could support haskell package installation using
the cabal-install route.

From jordan at jordanhorwich.com  Thu Apr 10 03:46:53 2014
From: jordan at jordanhorwich.com (Jordan Horwich)
Date: Thu, 10 Apr 2014 03:46:53 -0400
Subject: [arch-general] Inconsistencies with cc and c++ binaries
Message-ID: <CA+et1gcOrS-PKzYdT2qVrCF4T38ckFcpoodeXxw7ABNqCeDxPA@mail.gmail.com>

The /usr/bin/cc executable is a symbolic link to /usr/bin/gcc whereas the
/usr/bin/c++ executable appears to be a hardlink to /usr/bin/g++.

Why are the links different types? Wouldn't it be more clear to make both
symbolic links or both hard links?

--
Jordan

From magnus at therning.org  Thu Apr 10 03:50:56 2014
From: magnus at therning.org (Magnus Therning)
Date: Thu, 10 Apr 2014 09:50:56 +0200
Subject: [arch-general] [arch-dev-public] [aur-general] GHC 7.8.1
 packaging decisions for Arch Linux
In-Reply-To: <53460E49.2030208@gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
 <CANFDciENMbxXMEZW-rz2Ptrm_gvCAFg5LJKg6K9T=i3fYHtCNA@mail.gmail.com>
 <53460C3B.7040208@archlinux.org> <53460E49.2030208@gmail.com>
Message-ID: <CAAExw5s-h5tHL0KESKK41p8kD9GiVyhdOZoxsJQwkkg=w748-w@mail.gmail.com>

On Thu, Apr 10, 2014 at 5:21 AM, Daniel Micay <danielmicay at gmail.com> wrote:
> On 09/04/14 11:12 PM, Allan McRae wrote:
>> Now that aside is finished, what is the deal with that arch-haskell
>> group?  Is it still going?  Would they want to provide packages
>> officially instead?
>
> It's definitely still active. They seem to have all the necessary
> automation worked out. AFAICT they do an automated conversion from the
> cabal files and maintain a set of patches for adding external
> dependencies, etc.
>
> https://github.com/archhaskell

Indeed, it's still active.  Not
steaming-full-ahead-lika-a-freight-train active, but we're bringing in
updates and adding new packages at a somewhat leasurely pace :)

The tool that makes it possible is cblrepo - https://github.com/magthe/cblrepo

Beyond that there are a few scripts that makes the chore of keeping
packages up-to-date largely automated.  The experience is that a
single person can keep over 200 packages up-to-date with spending
about 15-30 minutes per week.  The builds of course take longer than
that (sometimes much longer), but they don't require active
monitoring.

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

From maykeldebian at gmail.com  Thu Apr 10 06:57:32 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Thu, 10 Apr 2014 12:57:32 +0200
Subject: [arch-general] Yakuake not expand with shorcut
In-Reply-To: <CAJ2aOA8CQXeq1UuZv3-b9a78ny5u4v3K+sZrFH-_WfBkFL3v4Q@mail.gmail.com>
References: <CAJ2aOA8CQXeq1UuZv3-b9a78ny5u4v3K+sZrFH-_WfBkFL3v4Q@mail.gmail.com>
Message-ID: <CAJ2aOA-a84saOMuVyp5621k84W978byj8GHFVmRF7qWNQMzQ6g@mail.gmail.com>

2014-03-20 13:24 GMT+01:00 Maykel Franco <maykeldebian at gmail.com>:
> Hi, I like very much yakuake. I like expand the terminal to right, left, up,
> down with shourcut , but not found when assign the keys. Attach photo.
>
> http://imgur.com/a/sf4it
>
> - Grow terminal to the left, to the right, to the top...not found with
> keys...
>
> Why? I don't now why. Yakuake in gentoo works very well to expand the
> terminal.
>
> Yakuake depend the konsole.
>
> Sorry for my english.
>
> Thanks in advanced.

I resolved my problem. For expand yakuake to up, down, left, right...I
use the shourtcut:

Mayus + Alt + up/down/left/right

Thanks for all.

From maykeldebian at gmail.com  Thu Apr 10 07:01:04 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Thu, 10 Apr 2014 13:01:04 +0200
Subject: [arch-general] Error when I try update pacman -Syu
In-Reply-To: <5331E3C2.109@xs4all.nl>
References: <CAJ2aOA-gyr_HyWTFGVuC6OaYikk=5om2vqwGPEkD1d-fokKgBA@mail.gmail.com>
 <CAO0v=MNE6sB5sHCw-+KC+Q1=ahLnOTZmC-xX1goujKD2tjrrTQ@mail.gmail.com>
 <53306341.60900@archlinux.org>
 <CAO0v=MP+MSUdS29VOaWiG3MPc0fZeCepcAJD2RmhFpDkuCvqxQ@mail.gmail.com>
 <CAJ2aOA_sWN0TduSvnnZ4d7WGt3aDVTqkrR3oj0P_QcDx2nJN8A@mail.gmail.com>
 <5331E3C2.109@xs4all.nl>
Message-ID: <CAJ2aOA_=uJOAHgM+4LvLnkFP_T9WCaY8QHDWx1P_o4QOZbqiWg@mail.gmail.com>

2014-03-25 21:14 GMT+01:00 LoneVVolf <lonewolf at xs4all.nl>:
> On 25-03-14 16:09, Maykel Franco wrote:
>>
>> 2014-03-24 18:58 GMT+01:00 Karol Blazewicz <karol.blazewicz at gmail.com>:
>>>
>>> On Mon, Mar 24, 2014 at 5:54 PM, Thomas B?chler <thomas at archlinux.org>
>>> wrote:
>>>>
>>>> Am 24.03.2014 17:18, schrieb Karol Blazewicz:
>>>>>
>>>>> jre7 is in the AUR so pacman won't update it, but jre7-openjdk is in
>>>>> the repos and provides the same 'item' as jre7: java-runtime=7
>>>>> https://aur.archlinux.org/packages/jr/jre7/PKGBUILD
>>>>> https://www.archlinux.org/packages/extra/x86_64/jre7-openjdk/
>>>>> that's why they conflict.
>>>>
>>>> That's not why they conflict. It's because jre7 explicitly has
>>>> java-runtime=7 as a conflict (among others). 'conflicts' has nothing to
>>>> do with 'provides'.
>>>>
>>>>> You seem to be using jre7. If you want to keep using it, you have to
>>>>> keep jre7-openjdk out. Try adding it to IgnorePkg.
>>>>
>>>> And how will that help?
>>>>
>>>>>> root at arch-maykel /home/maykel/ # LANG=C yaourt -Rdd jre7-openjdk
>>>>>> error: target not found: jre7-openjdk
>>>>
>>>> It seems that a package is updated and the newer version explicitly
>>>> depends on jre7-openjdk. This is probably a packaging error (although
>>>> after a quick glance at the repos, I cannot find any such package).
>>>>
>>> You're right, Thomas.
>>> Maykel, install expac and run
>>> expac "%n - %E" -S $(checkupdates) | grep jre7-openjdk
>>
>>
>> Thanks for all. This command not result anything....
>
>
> Maykel,
>
> The error suggests you have jre7 installed from aur
> (https://aur.archlinux.org/packages/jre7/ ).
> Do you remember why you have that installed ?
> the output of pacman -Qi jre7    might also help to figure that out.
>
> Lone_Wolf
>

I have install the jre7 because java openjdk use 90% CPU when connect
to proxmox VMs. Also, jre7 works to applications very well, as
netbeans, jitsi...

Now, I have installed openjdk:

maykel-arch /home/maykel :( # java -version
java version "1.7.0_51"
OpenJDK Runtime Environment (IcedTea 2.4.6) (ArchLinux build
7.u51_2.4.6-1-x86_64)
OpenJDK 64-Bit Server VM (build 24.51-b03, mixed mode)

And at the moment, works very well...

Thanks for all.

From maykeldebian at gmail.com  Thu Apr 10 07:01:38 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Thu, 10 Apr 2014 13:01:38 +0200
Subject: [arch-general] X11vnc in xbmc archlinux
In-Reply-To: <20140407130835.GA11684@crepcran.com>
References: <CAJ2aOA_YaWawQM9C9PGz=T_s67fvbw75V4HNs9fSZd-VRpr8rw@mail.gmail.com>
 <CAN=JGODD_cfejoAUeeO8sWQC47to91vYDp-O+o9339L=7UF6qQ@mail.gmail.com>
 <CAJ2aOA_Z0j78jFN0MB=FXVm-UVc4SH5qpYfNRC+PzYK8cL+_Ww@mail.gmail.com>
 <20140407130835.GA11684@crepcran.com>
Message-ID: <CAJ2aOA9FrjGoaTnRvL4hz3aaQvP1gF7G_EPJXf02YyLRNJC1Gw@mail.gmail.com>

2014-04-07 15:08 GMT+02:00 Bigby James <bigby.james at crepcran.com>:
> On Mon, Apr 07, 2014 at 01:06:06PM +0200, Maykel Franco wrote:
>> 2014-04-07 13:00 GMT+02:00 geralt at gmail.com <geralt at gmail.com>:
>>
>> I need start x11vnc when computer boot...
>>
>> Sorry for my english.
>>
>> Thanks for your response.
>
> --
> "A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - Douglas Adams
>
> There's probably a systemd unit for the VNC daemon you're using; enable it like
> any other. You can start the VNC client on login by adding it to .xinitrc (or
> using the autostart feature of your desktop environment).

Thanks. I try and comments the results.

From maykeldebian at gmail.com  Thu Apr 10 07:05:21 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Thu, 10 Apr 2014 13:05:21 +0200
Subject: [arch-general] Error in chrome when I moved sidebar
In-Reply-To: <531F46B2.8000203@gmail.com>
References: <CAJ2aOA8vrs2dP2Eim8gsKP9J+RMGEyN+pS4EBcfZ=wQVP1hy8w@mail.gmail.com>
 <531F46B2.8000203@gmail.com>
Message-ID: <CAJ2aOA9P+QQdrUvS07ijZhVAKVYzpJuW3x06RmqRLds5iYaW=A@mail.gmail.com>

2014-03-11 18:24 GMT+01:00 Daniel Micay <danielmicay at gmail.com>:
> On 11/03/14 12:54 PM, Maykel Franco wrote:
>> Hi, I get this lines in chrome when I moved sidebar the right:
>>
>> http://es.tinypic.com/view.php?pic=14kbeyw&s=8#.Ux8-xpDuKnk
>>
>> Can I help me please? Is a bug the chrome?
>>
>> Thanks in advanced.
>>
>
> Looks like a video driver bug, I doubt it's a Chrome bug. You should
> really be using Chromium though, not Chrome. It's nearly identical but
> is open-source and has fewer old bundled libraries. You can use both the
> pepper flash plugin and PDF viewer in Chromium.
>
> If you've disabled the Chrome GPU blacklist in the past, revert that
> change. Look into whether your video drivers are broken by testing other
> OpenGL applications.
>

How I can use video driver? I have two graphic card, intel and nvidia:

maykel-arch /home/maykel # lspci | grep -i VGA
00:02.0 VGA compatible controller: Intel Corporation 3rd Gen Core
processor Graphics Controller (rev 09)
01:00.0 VGA compatible controller: NVIDIA Corporation GF108M [GeForce
GT 630M] (rev a1)

Thanks.

From spam at scientician.net  Thu Apr 10 07:14:26 2014
From: spam at scientician.net (Bardur Arantsson)
Date: Thu, 10 Apr 2014 13:14:26 +0200
Subject: [arch-general] My Apache Sever Compromised?
In-Reply-To: <CAHtGYf9ce9u9Pck=d_zpWx8z9hKhzcotAo7K0_uuiPB118GRyg@mail.gmail.com>
References: <CAHtGYf9UcxaotjaNsXx=6tF3z_14hqvzbWaBhzDRsZzLKnHkgA@mail.gmail.com>
 <CABNG1c02bGxWqd5-L+sjf9d852zT-QLSWSNeM0wb4j5d_Gr_CQ@mail.gmail.com>
 <533ABF7D.5000608@gmail.com>
 <CAHtGYf9ce9u9Pck=d_zpWx8z9hKhzcotAo7K0_uuiPB118GRyg@mail.gmail.com>
Message-ID: <li5uei$ng3$1@ger.gmane.org>

On 2014-04-09 19:32, Jameson wrote:
> On Tue, Apr 1, 2014 at 9:30 AM, Nowaker <enwukaer at gmail.com> wrote:
>>
>>>> 199.83.93.35 - - [29/Mar/2014:22:04:54 -0400]
>>>> "GET http://ro2.biz/pixel.png HTTP/1.0" 200 151
>>
>>
>>> But the most interesting part is that your apache is replying with "200",
>>> that is OK!
>>
>>
>> Nice catch! It's certainly a proxy.
> 
> Thanks for everyone's help with this. I did in fact have ProxyRequests
> set to On thinking it was needed for reverse proxies as well, and have
> turned it off. Now, when I open up port 80, it looks like they're
> still trying, but I'm replying with 404. Is that what it should be
> doing? I probably also need to make sure I have some throttling setup
> in case this is too much for my Internet connection.
> 

One approach I've seen mentioned and which seemed fun, but -- I hasten
to add -- have never personally tried is to start returning shock site
images for all such requests (obviously not for all 404s, just attempts
at abusing you as a proxy).

Regards,



From spam at scientician.net  Thu Apr 10 07:34:00 2014
From: spam at scientician.net (Bardur Arantsson)
Date: Thu, 10 Apr 2014 13:34:00 +0200
Subject: [arch-general] [aur-general] GHC 7.8.1 packaging decisions for
	Arch Linux
In-Reply-To: <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
Message-ID: <li5vj8$c7f$1@ger.gmane.org>

On 2014-04-09 09:07, Magnus Therning wrote:
>> Change 2: Make a news item stating that cabal-install is now the
>> recommended way to install haskell packages. This wouldn't pollute the
>> filesystem since cabal-install installs packages to the ~/.cabal directory
>> by default. We might need to include a tip sheet about how you would handle
>> ghc updates since it requires extra user steps.
> 
> It should be noted that cabal-install isn't a package manager in the
> true sense[1].  I'm not sure this is an argument against making the
> change you propose, but it's worth noting.

With sandboxing/hsenv I've actually found cabal-install it to work much
better than attempting to use distro packages for some libraries. (There
error messages for stuff that requires native C libraries aren't always
stellar, but that's something you quickly get used to.)

> 
> There are quite a few other language/frameworks that have
> language-specific build/package systems, Python, Ruby, Perl,
> node.js...  Are Python developers on Arch pointed towards using pip to
> install Python libs?

I can only speak to node.js, but I think the general consensus there is
to only use the distro-provided node.js and npm and then have
user-specific/project-specific node_modules directories. (This is driven
in part by npm's design and the extreme pace at which the ecosystem
seems to be moving.)

Given the limitations of GHC when it comes to module interoperability
between versions, I think this approach makes sense for GHC too.

(Btw, there's work afoot to adress this, but it's probably a few years
off: http://plv.mpi-sws.org/backpack/ )

> 
> I think sometimes the right thing is to point users to another package
> manager, e.g. packaging vim scripts for system wide installation is a
> bit silly, since installing a vim script affects ALL users on the
> system.  So doing that would require providing some sort of vim-script
> manager to users.  Then there's very little difference compared to
> just telling users to use Vundle/Pathogen/whatever directly instead.
> However, this isn't the case for Haskell/GHC...
> 

AFAIK (and unfortunately) globally installed Haskell/GHC packages can
greatly constrain what other packages you can install in a sandbox.
That's been a huge problem for me in practice, which is why I personally
always install ONLY ghc and cabal-install and use cabal sandboxing/hsenv
for the rest. (Did this on Ubuntu as well when I was a user of that.)

I think it would be a good idea to strip everything back to just having
GHC and cabal-install in the "base" and to take some time to rethink how
packaging everything else should work.

I don't know if Cabal supports such a thing, but one idea off the top of
my head for a new approach would be to have a distro-provided read-only
*sandbox* which other read/write sandboxes could be *overlaid* on top
of. That would mean that you could opt out of the distro-installed
packages if you need to, but could still install distro packages if you,
e.g. wanted/needed a Haskell program which depended on having haskell
packages installed (git-annex?). Crazy idea?

Regards,


From spam at scientician.net  Thu Apr 10 07:42:31 2014
From: spam at scientician.net (Bardur Arantsson)
Date: Thu, 10 Apr 2014 13:42:31 +0200
Subject: [arch-general] [aur-general] GHC 7.8.1 packaging decisions for
	Arch Linux
In-Reply-To: <CANFDciFRybCPBhrr1NTJR0eAWy80Xamw4e5PprMvgnqBRxpcWw@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
 <CANFDciENMbxXMEZW-rz2Ptrm_gvCAFg5LJKg6K9T=i3fYHtCNA@mail.gmail.com>
 <53460C3B.7040208@archlinux.org>
 <CANFDciFRybCPBhrr1NTJR0eAWy80Xamw4e5PprMvgnqBRxpcWw@mail.gmail.com>
Message-ID: <li6037$lfn$1@ger.gmane.org>

On 2014-04-10 06:39, Thomas Dziedzic wrote:
> On Wed, Apr 9, 2014 at 8:12 PM, Allan McRae <allan at archlinux.org> wrote:
>>
>> Now that aside is finished, what is the deal with that arch-haskell
>> group?  Is it still going?  Would they want to provide packages
>> officially instead?
> 
> 
> I wouldn't actually be opposed to this idea.
> 
> A lot of effort is duplicated with regards to Archlinux's official haskell
> packages and Arch-Haskell's packages.
> 
> We could try to work out something between the existing haskell package
> maintainers and arch-haskell maintainers.
> 
> It might lead to a possibly better overall haskell experience on archlinux.
> 
> Arch-haskell could maintain official haskell packages using pacman.
> I (and anyone interested) could support haskell package installation using
> the cabal-install route.
> 

Would this mean that only "ghc" and "cabal-install" would be in any of
the official repos and that everything else would be relegated to
"arch-haskell"? If so, then +1. (As mentioned in another email I think
Haskell distro packaging in general could use a rethink, possibly based
on sandboxing.)

Regards,



From thomas at archlinux.org  Thu Apr 10 07:55:26 2014
From: thomas at archlinux.org (=?ISO-8859-15?Q?Thomas_B=E4chler?=)
Date: Thu, 10 Apr 2014 13:55:26 +0200
Subject: [arch-general] svntogit stuck
In-Reply-To: <CAHzwTAy7aSTii83VczBZmeCcL57VN2RiXrek=dWvLLrkkaBr0A@mail.gmail.com>
References: <53357929.108@email.com> <53357A67.7000609@archlinux.org>
 <CA+CzEk-arzxBC2=QZuZrfydxG8PJAqjp3Pc+OQwQou-PbYNFrg@mail.gmail.com>
 <CAHzwTAy7aSTii83VczBZmeCcL57VN2RiXrek=dWvLLrkkaBr0A@mail.gmail.com>
Message-ID: <534686AE.3010900@archlinux.org>

Am 10.04.2014 06:23, schrieb Kevin Mihelich:
> Both packages.git and community.git appear to be stuck again, with no
> updates for the past day.
> 
> 
> On Fri, Mar 28, 2014 at 2:14 PM, Joel Teichroeb <joel at teichroeb.net> wrote:
> 
>> packages.git looks fine to me now, but community.git is still stuck.
>>

I killed the lock file again, and now the log spits this out. Evangelos,
what's going on here?

==> Updating 'packages' Git repository on Thu Apr 10 11:54:02 UTC 2014
  -> Fetching changes from SVN
    > git svn rebase command failed; skipping to next repository
==> Aborted updating 'packages' on Thu Apr 10 11:54:10 UTC 2014


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140410/a01070e7/attachment.asc>

From maykeldebian at gmail.com  Thu Apr 10 08:04:35 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Thu, 10 Apr 2014 14:04:35 +0200
Subject: [arch-general] Error in wireshark-gtk2 in show interfaces for
	capture
Message-ID: <CAJ2aOA_AxO5oouUtXAzFotdBxTtw81S2igK15LqiVL3xPcJVwA@mail.gmail.com>

Hi, I have installed wireshark-gtk2. But when go to Capture/Interfaces
I get this error:

There are no interfaces on which a capture can be done.

I follow this steps:

Setting network privileges for dumpcap

1. Ensure your linux kernel and filesystem supports File Capabilities
and also you have installed necessary tools.

2. "setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap"

3. Start Wireshark as non-root and ensure you see the list of
interfaces and can do live capture.

Limiting capture permission to only one group

1. Create user "wireshark" in group "wireshark".

2. "chgrp wireshark /usr/bin/dumpcap"

3. chmod 754 /usr/bin/dumpcap

4. "setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap"

5. Ensure Wireshark works only from root and from a user in the
"wireshark" group


Thanks in advanced.

From evangelos at foutrelis.com  Thu Apr 10 09:19:55 2014
From: evangelos at foutrelis.com (Evangelos Foutras)
Date: Thu, 10 Apr 2014 16:19:55 +0300
Subject: [arch-general] svntogit stuck
In-Reply-To: <534686AE.3010900@archlinux.org>
References: <53357929.108@email.com> <53357A67.7000609@archlinux.org>
 <CA+CzEk-arzxBC2=QZuZrfydxG8PJAqjp3Pc+OQwQou-PbYNFrg@mail.gmail.com>
 <CAHzwTAy7aSTii83VczBZmeCcL57VN2RiXrek=dWvLLrkkaBr0A@mail.gmail.com>
 <534686AE.3010900@archlinux.org>
Message-ID: <53469A7B.5000500@foutrelis.com>

On 10/04/14 14:55, Thomas B?chler wrote:
> Am 10.04.2014 06:23, schrieb Kevin Mihelich:
>> Both packages.git and community.git appear to be stuck again, with no
>> updates for the past day.
>>
>>
>> On Fri, Mar 28, 2014 at 2:14 PM, Joel Teichroeb <joel at teichroeb.net> wrote:
>>
>>> packages.git looks fine to me now, but community.git is still stuck.
>>>
> 
> I killed the lock file again, and now the log spits this out. Evangelos,
> what's going on here?
> 
> ==> Updating 'packages' Git repository on Thu Apr 10 11:54:02 UTC 2014
>   -> Fetching changes from SVN
>     > git svn rebase command failed; skipping to next repository
> ==> Aborted updating 'packages' on Thu Apr 10 11:54:10 UTC 2014

Thomas, thanks for looking into it; I fixed the Git repo just now.

Generally it's not safe to remove the lock file without identifying the
reason the script failed. It's not a very robust script and the Git repo
can be left in an inconsistent state which would require manual rollback
of several package branches.

I pushed a change that should make it fail significantly less (gerolde
being unreachable for pushing has been the cause of failure 2-3 times now):

https://github.com/foutrelis/arch-svntogit/commit/ecc3090

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140410/49e50b54/attachment.asc>

From magnus at therning.org  Thu Apr 10 17:17:03 2014
From: magnus at therning.org (Magnus Therning)
Date: Thu, 10 Apr 2014 23:17:03 +0200
Subject: [arch-general] [aur-general] GHC 7.8.1 packaging decisions for
 Arch Linux
In-Reply-To: <li5vj8$c7f$1@ger.gmane.org>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <CAAExw5vEZbV8GV_dWizokFvN+NsfzPbvS=ASgewQXx=YJ6SkOA@mail.gmail.com>
 <li5vj8$c7f$1@ger.gmane.org>
Message-ID: <20140410211703.GB21849@tatooine.lan>

On Thu, Apr 10, 2014 at 01:34:00PM +0200, Bardur Arantsson wrote:
> On 2014-04-09 09:07, Magnus Therning wrote:
>>> Change 2: Make a news item stating that cabal-install is now the
>>> recommended way to install haskell packages. This wouldn't pollute
>>> the filesystem since cabal-install installs packages to the
>>> ~/.cabal directory by default. We might need to include a tip
>>> sheet about how you would handle ghc updates since it requires
>>> extra user steps.
>> 
>> It should be noted that cabal-install isn't a package manager in
>> the true sense[1].  I'm not sure this is an argument against making
>> the change you propose, but it's worth noting.
> 
> With sandboxing/hsenv I've actually found cabal-install it to work
> much better than attempting to use distro packages for some
> libraries. (There error messages for stuff that requires native C
> libraries aren't always stellar, but that's something you quickly
> get used to.)

I know some people swear by cabal-install, but I've personally never
gotten into using it.  The sandbox feature does look neat and I've
been meaning to try it out.  A very first attempt just now did not
impress me though: it wanted to downgrade bytestring for no
discernible reason.  Probably a user error though.

> I think it would be a good idea to strip everything back to just
> having GHC and cabal-install in the "base" and to take some time to
> rethink how packaging everything else should work.

Personally I think it depends on what "everything else" is.  One
approach would be to centre everything around applications.  To some
extent I think that is the (maybe not explicit) rule for the rest of
the packages.  That would mean libs aren't packaged for their own
sake, only in order to provide an application.  This would mean that
it'd be entirely possible to /only/ have ghc + cabal-install and still
package all applications written in Haskell[^1].

/M

[^1]: Ghc still links applications statically it seems so building in
a sandbox and then only package the resulting executables.

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4 
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

I invented the term Object-Oriented, and I can tell you I did not have
C++ in mind.
     -- Alan Kay
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140410/5f728823/attachment.asc>

From ml at isaac.cedarswampstudios.org  Thu Apr 10 22:00:35 2014
From: ml at isaac.cedarswampstudios.org (Isaac Dupree)
Date: Thu, 10 Apr 2014 22:00:35 -0400
Subject: [arch-general] [arch-dev-public] GHC 7.8.1 packaging decisions
	for Arch Linux
In-Reply-To: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
Message-ID: <53474CC3.6090803@isaac.cedarswampstudios.org>

On 04/09/2014 01:27 AM, Thomas Dziedzic wrote:
> Problem 2: Users are confused whether they should install packages from the
> repos or using cabal-install. This in turn sometimes causes them to install
> some packages from official repos, some from the aur, and some using
> cabal-install
> Explanation: Packages should ideally be installed from one place, either
> using repos/aur or cabal-install. Said that, it is entirely possible to use
> both repos/aur and cabal-install but for simplicity, one source is
> preferred.

Doesn't every language with its own package manager have this problem? 
For example, Python.  Is there a good solution?  Users knowing about 
this issue and making their own decisions is the current solution on 
every distro I'm familiar with.

> Change 2: Make a news item stating that cabal-install is now the
> recommended way to install haskell packages. This wouldn't pollute the
> filesystem since cabal-install installs packages to the ~/.cabal directory
> by default. We might need to include a tip sheet about how you would handle
> ghc updates since it requires extra user steps.

This is the way I do it on my personal computer, FWIW.

If there were any packages in the repo written in Haskell that are used 
by non-Haskellers, then all those packages' deps would have to be in the 
repos too.  (e.g. darcs and pandoc, which are in AUR currently).

Cheers,
-Isaac


From gostrc at gmail.com  Thu Apr 10 23:29:17 2014
From: gostrc at gmail.com (Thomas Dziedzic)
Date: Thu, 10 Apr 2014 20:29:17 -0700
Subject: [arch-general] [aur-general] [arch-dev-public] GHC 7.8.1
 packaging decisions for Arch Linux
In-Reply-To: <CA+A7n+ipr9Zkbkw4aM+ks_m2bcurAcg4avSJ=t1y2fiNTihSEg@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
 <53474CC3.6090803@isaac.cedarswampstudios.org>
 <CA+A7n+ipr9Zkbkw4aM+ks_m2bcurAcg4avSJ=t1y2fiNTihSEg@mail.gmail.com>
Message-ID: <CANFDciF7NHqh+USW02GCvccexv2Fzd2ZukzuXYHnaLLcU5iz-g@mail.gmail.com>

On Thu, Apr 10, 2014 at 7:20 PM, Jeremy Audet <ichimonji10 at gmail.com> wrote:

> > Doesn't every language with its own package manager have this problem?
> For example, Python.  Is there a good solution?  Users knowing about this
> issue and making their own decisions is the current solution on every
> distro I'm familiar with.
>
> Aye. There are some upshots to allowing users to install software via
> either the system package manager or a language-specific one, instead of
> forcing them down a single path. For example, with ruby: tools such as
> bundler, rbenv and rvm provide users with some awesome capabilities, such
> as being able to install multiple versions of Ruby and multiple versions of
> gems, either system-wide, in a user's home directory or in a custom
> directory. That's very useful, and the user should have that option - but
> if the user wants a simpler, more straightforward option, they can use
> `gem` or `pacman`. (And the choice between gem and pacman has its own
> tradeoffs.)
>
> Couldn't the same be said of Haskell packages? Using pacman to manage
> haskell packages provides some niceties, such as automatic updates
> (whenever -Syu is performed), whereas cabal-install provides its own
> niceties, such as access to numerous packages. So... is there anything
> wrong with letting the user choose the tool that suits their needs?
>

I guess I should modify my wording for Change 2 to be:

"Change 2: Make a news item stating that either cabal-install or pacman
packages are now the recommended way to install haskell packages. Not both
in one system."

From kyleterrien at gmail.com  Fri Apr 11 13:43:51 2014
From: kyleterrien at gmail.com (Kyle Terrien)
Date: Fri, 11 Apr 2014 10:43:51 -0700
Subject: [arch-general] Error in wireshark-gtk2 in show interfaces for
 capture
In-Reply-To: <CAJ2aOA_AxO5oouUtXAzFotdBxTtw81S2igK15LqiVL3xPcJVwA@mail.gmail.com>
References: <CAJ2aOA_AxO5oouUtXAzFotdBxTtw81S2igK15LqiVL3xPcJVwA@mail.gmail.com>
Message-ID: <534829D7.4010702@gmail.com>

On 04/10/2014 05:04 AM, Maykel Franco wrote:
> Hi, I have installed wireshark-gtk2. But when go to Capture/Interfaces
> I get this error:
> 
> There are no interfaces on which a capture can be done.
> 
> I follow this steps:
> 
> Setting network privileges for dumpcap
> 
> 1. Ensure your linux kernel and filesystem supports File Capabilities
> and also you have installed necessary tools.
> 
> 2. "setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap"
> 
> 3. Start Wireshark as non-root and ensure you see the list of
> interfaces and can do live capture.
> 
> Limiting capture permission to only one group
> 
> 1. Create user "wireshark" in group "wireshark".
> 
> 2. "chgrp wireshark /usr/bin/dumpcap"
> 
> 3. chmod 754 /usr/bin/dumpcap
> 
> 4. "setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap"
> 
> 5. Ensure Wireshark works only from root and from a user in the
> "wireshark" group
> 
> 
> Thanks in advanced.
> 

That's strange. This is the same error that appears when running
wireshark as a user not assigned to the wireshark group.

The only configuration I had to do was add myself to the wireshark group
(which wireshark-gtk2 created):

# gpasswd -a kyle wireshark

This is according to the instructions on the wiki [1].

Here is some information on how dumpcap is installed on my box:

> kyle at landru ~ $ ls -la /usr/bin/dumpcap 
> -rwxr-xr-- 1 root wireshark 85648 Apr 10 12:45 /usr/bin/dumpcap
> kyle at landru ~ $ getcap /usr/bin/dumpcap 
> /usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
> kyle at landru ~ $ stat /usr/bin/dumpcap 
>   File: ?/usr/bin/dumpcap?
>   Size: 85648     	Blocks: 168        IO Block: 4096   regular file
> Device: 801h/2049d	Inode: 1069550     Links: 1
> Access: (0754/-rwxr-xr--)  Uid: (    0/    root)   Gid: (  150/wireshark)
> Access: 2014-04-11 10:35:22.830667985 -0700
> Modify: 2014-04-10 12:45:35.000000000 -0700
> Change: 2014-04-11 10:35:11.947230948 -0700
>  Birth: -
> kyle at landru ~ $ lsattr /usr/bin/dumpcap
> -------------e-- /usr/bin/dumpcap
> kyle at landru ~ $ pacman -Qo /usr/bin/dumpcap 
> /usr/bin/dumpcap is owned by wireshark-gtk2 1.10.6-1
> kyle at landru ~ $ 

--Kyle

[1]: https://wiki.archlinux.org/index.php/Wireshark

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140411/b2fc1ab8/attachment.asc>

From fsckdaemon at gmail.com  Fri Apr 11 15:39:39 2014
From: fsckdaemon at gmail.com (fsckd)
Date: Fri, 11 Apr 2014 15:39:39 -0400
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
Message-ID: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>

Hello,

There will be a class on PKGBUILDs by CalimeroTeknik. It will cover the 
basics of packaging and how to write a PKGBUILD. Everyone is welcome to 
attend. The only prerequisite is an interest in the topic.

Here is a list of topics that may be covered. You can vote for those which 
interest you. The ones with the most votes will get more attention in the class.
https://pad.riseup.net/p/pkgbuild-class-apr2014

Dates and times: Saturday, April 19, 2014
                 9:30AM UTC (~7:30PM in Brisbane AU and ~10:30 in Wellington NZ)
                 4PM UTC (~12 noon in New York and ~9am in Vancouver)

CalimeroTeknik is a bash hacker and a student. He is a longtime Arch Linux 
user (since about May 2008) and released http://ctkarch.org/ in 2009.

From havoc at defuse.ca  Fri Apr 11 17:40:52 2014
From: havoc at defuse.ca (Taylor Hornby)
Date: Fri, 11 Apr 2014 15:40:52 -0600
Subject: [arch-general] Is Voting Effective?
Message-ID: <53486164.90204@defuse.ca>

The main mechanism for moving packages from the AUR into the official
repositories seems to be the "Vote for this package" mechanism.
Ideally, all packages would just be in the official repositories, and
there'd be no AUR. Obviously we don't have the resources for that, so
there needs to be some mechanism for prioritizing packages.

Because you have to register an account to vote (and I didn't even
*know* about it until today), the voting mechanism is not effective at
filtering out the important packages from the sea of mostly-irrelevant
obscure packages, and it's certainly not a good indicator for package
quality. This means important packages are getting left behind in the
AUR even when all other Linux distributions include them in their
official repositories.

Ultimately, relying on a vote-based popularity measurement too much is
hurting -- or is going to hurt -- Arch Linux.

Take for example tahoe-lafs and tripwire, with 32 and 13 votes
respectively.

    https://aur.archlinux.org/packages/tahoe-lafs/

    https://aur.archlinux.org/packages/tripwire/

These are extremely important tools. And, while they may not be popular
as measured by the voting system, they are widely used, and both are
included in Debian's official repositories.

Instead of being able to quickly and easily install signed binaries with
`pacman -S`, a security-conscious user wanting one of these tools has to
manually inspect the PKGBUILDs for the packages themselves and many of
their dependencies to make sure that they're not malicious. And after
they do all that, they still have to trust insecure connections and MD5
checksums.

There needs to be an official channel for hearing reasoned arguments on
why a package should or should not be included in the real repositories,
and the unscientific vote count should come second.

Is there such a thing?

Thanks for reading,
-- 
Taylor Hornby

From petebaldridge at gmail.com  Fri Apr 11 17:48:44 2014
From: petebaldridge at gmail.com (Peter Baldridge)
Date: Fri, 11 Apr 2014 14:48:44 -0700
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <53486164.90204@defuse.ca>
References: <53486164.90204@defuse.ca>
Message-ID: <CAM91edjdV+OArdBF=cFP7gG4hSk7mccABgdpVuq8OA=H-p5=+Q@mail.gmail.com>

On Fri, Apr 11, 2014 at 2:40 PM, Taylor Hornby <havoc at defuse.ca> wrote:
> both are
> included in Debian's official repositories.

Debian has more packages than another distro that I am aware of.  Last
I heard, it was around 30,000. That is one thing they do very well.
That's very much the polar opposite of arch's mission, interest, or
ability.

https://wiki.archlinux.org/index.php/The_Arch_Way

-- 

Pete

From mark at markelee.com  Fri Apr 11 17:49:49 2014
From: mark at markelee.com (Mark Lee)
Date: Fri, 11 Apr 2014 17:49:49 -0400
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <53486164.90204@defuse.ca>
References: <53486164.90204@defuse.ca>
Message-ID: <5348637D.9040108@markelee.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 04/11/2014 05:40 PM, Taylor Hornby wrote:
> The main mechanism for moving packages from the AUR into the official
> repositories seems to be the "Vote for this package" mechanism.
> Ideally, all packages would just be in the official repositories, and
> there'd be no AUR. Obviously we don't have the resources for that, so
> there needs to be some mechanism for prioritizing packages.
> 
> Because you have to register an account to vote (and I didn't even
> *know* about it until today), the voting mechanism is not effective at
> filtering out the important packages from the sea of mostly-irrelevant
> obscure packages, and it's certainly not a good indicator for package
> quality. This means important packages are getting left behind in the
> AUR even when all other Linux distributions include them in their
> official repositories.
> 
> Ultimately, relying on a vote-based popularity measurement too much is
> hurting -- or is going to hurt -- Arch Linux.
> 
> Take for example tahoe-lafs and tripwire, with 32 and 13 votes
> respectively.
> 
>     https://aur.archlinux.org/packages/tahoe-lafs/
> 
>     https://aur.archlinux.org/packages/tripwire/
> 
> These are extremely important tools. And, while they may not be popular
> as measured by the voting system, they are widely used, and both are
> included in Debian's official repositories.
> 
> Instead of being able to quickly and easily install signed binaries with
> `pacman -S`, a security-conscious user wanting one of these tools has to
> manually inspect the PKGBUILDs for the packages themselves and many of
> their dependencies to make sure that they're not malicious. And after
> they do all that, they still have to trust insecure connections and MD5
> checksums.
> 
> There needs to be an official channel for hearing reasoned arguments on
> why a package should or should not be included in the real repositories,
> and the unscientific vote count should come second.
> 
> Is there such a thing?
> 
> Thanks for reading,
> 

Salutations,

Packages don't reach the official repositories until they have enough
sponsorship (by voting or devs pushing packages) and have been properly
vetted. In addition, a security conscious user should be inspecting
PKGBUILDS (via the ABS) instead of just taking packages as is. Compiling
the packages via the ABS is further step.

Regards,
Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iF4EAREIAAYFAlNIY30ACgkQZ/Z80n6+J/ZiNAD+N+KWUv9oIzn/HBJPIYq2LJ+V
Ca0eJ6FbbH9DceXUWiQA/RNsBzO0Aq+MLdoHrcS5oJ7TFv9VQ96/PLzgUGIbQ4Ti
=DHkF
-----END PGP SIGNATURE-----

From havoc at defuse.ca  Fri Apr 11 17:57:32 2014
From: havoc at defuse.ca (Taylor Hornby)
Date: Fri, 11 Apr 2014 15:57:32 -0600
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <CAM91edjdV+OArdBF=cFP7gG4hSk7mccABgdpVuq8OA=H-p5=+Q@mail.gmail.com>
References: <53486164.90204@defuse.ca>
 <CAM91edjdV+OArdBF=cFP7gG4hSk7mccABgdpVuq8OA=H-p5=+Q@mail.gmail.com>
Message-ID: <5348654C.90903@defuse.ca>

On 04/11/2014 03:48 PM, Peter Baldridge wrote:
> On Fri, Apr 11, 2014 at 2:40 PM, Taylor Hornby <havoc at defuse.ca> wrote:
>> both are
>> included in Debian's official repositories.
> 
> Debian has more packages than another distro that I am aware of.  Last
> I heard, it was around 30,000. That is one thing they do very well.
> That's very much the polar opposite of arch's mission, interest, or
> ability.
> 
> https://wiki.archlinux.org/index.php/The_Arch_Way
> 

While I don't see an obvious conflict with The Arch Way, I am definitely
not proposing we should "put everything in the official repos" or even
"have as many packages as Debian." That would be a big waste of time.

I'm only saying that the vote system is probably making us leave some
important packages behind, and it would be a lot better to have an
official channel for brining forward arguments like, "Package X is
really important. It should go in community because reasons A, B, and
C."

-- 
Taylor Hornby

From danielmicay at gmail.com  Fri Apr 11 17:57:48 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Fri, 11 Apr 2014 17:57:48 -0400
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <53486164.90204@defuse.ca>
References: <53486164.90204@defuse.ca>
Message-ID: <5348655C.3000207@gmail.com>

Packages are included in the repositories if and only if a developer or
trusted user is interested in maintaining the package. In my opinion,
it's best for packages to be maintained by people who actually use and
care about them even if it means that they're in the AUR instead of the
official repositories. These AUR maintainers have the opportunity to
apply as a trusted user in the future.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140411/72f177f0/attachment.asc>

From havoc at defuse.ca  Fri Apr 11 18:06:40 2014
From: havoc at defuse.ca (Taylor Hornby)
Date: Fri, 11 Apr 2014 16:06:40 -0600
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <5348655C.3000207@gmail.com>
References: <53486164.90204@defuse.ca> <5348655C.3000207@gmail.com>
Message-ID: <53486770.1070005@defuse.ca>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/11/2014 03:57 PM, Daniel Micay wrote:
> Packages are included in the repositories if and only if a
> developer or trusted user is interested in maintaining the package.
> In my opinion, it's best for packages to be maintained by people
> who actually use and care about them even if it means that they're
> in the AUR instead of the official repositories. These AUR
> maintainers have the opportunity to apply as a trusted user in the
> future.
> 

That's a good point point, and I agree.

My problem with the AUR is just its lack of security. Even an automatic
"build and sign as many AUR packages as possible" kind of repository
would be beneficial, since it would at least ensure that every Arch
Linux user is getting the same copy of the package, which would make it
a lot harder for an attack to go unnoticed.

So, I'm really not annoyed that that important packages are in the AUR
just for the sake of their being in the AUR. I'm annoyed that their
being in the AUR makes it extremely difficult to access them securely.

- -- 
Taylor Hornby
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTSGdwAAoJEN+oIJzpZ41d1kcP/iduFcPrS+sfEMF0iZkCpk36
svscbt9CM6+x92nSLUtdUTbEVIoBSncasVGgm3ktQtZx43+FV6vK2OKozNcC/myX
l9C0dv+BHcIKz+irNc9elgNU6w7PcmPaPAOokIvS+VWcge+Wcw6+FJbA3GY4IVUk
YU8XwyCLg8sS+gLEKhSdtKiTDFNIcTXmuZyuF5hxWKsroIrLIQPAfqKh3bgCKUW6
j6CYeV6PZ7QKdiky7ANOqQ+k3wfmWfk7LhIG/9A0bvvWkf23+mwB6ah8N6verpm9
TduawhFD7Ns1Wf1n6sJDDlywbq3ZnNvHKVNuz4oKFutgLd9Qh+xtPs1b6cUJ7Par
IIvcxT5iKduVwTDydAnJffBu4qIHDTS/GH/PA3mO+8TA1jWDYudgxb5rvIrM7tx5
3wT5Zv4lSoWdZiRyItViJCYiGpBMUmJVmW6g0t+zQRIzcwrxze151XTWwiBru9/4
P4Vp6jlfJuHeGijOsJ87yTs385qEPliyCsiH4R/6sOVF10rN7qlMH4rm3MhGZhWw
u7f3mx49CHE+wvMthmYHxzDDVUtNTAHRnHJ69FV4ZM7d3XdFh3Q92EjdiupguKQx
hDVCxsa1w2Ayo7l481DY89r+/buWgx/Zya40ZkQPYAGMZQZUNF0R6A2PEMNwLy98
58MIP7AB1tYqCjacFh0A
=ifsP
-----END PGP SIGNATURE-----

From heikobecker92 at gmail.com  Fri Apr 11 18:25:58 2014
From: heikobecker92 at gmail.com (Heiko Becker)
Date: Sat, 12 Apr 2014 00:25:58 +0200
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
In-Reply-To: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
References: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
Message-ID: <53486BF6.3060505@gmail.com>

Am 11.04.2014 21:39, schrieb fsckd:
> Hello,
>
> There will be a class on PKGBUILDs by CalimeroTeknik. It will cover 
> the basics of packaging and how to write a PKGBUILD. Everyone is 
> welcome to attend. The only prerequisite is an interest in the topic.
>
> Here is a list of topics that may be covered. You can vote for those 
> which interest you. The ones with the most votes will get more 
> attention in the class.
> https://pad.riseup.net/p/pkgbuild-class-apr2014
>
> Dates and times: Saturday, April 19, 2014
>                 9:30AM UTC (~7:30PM in Brisbane AU and ~10:30 in 
> Wellington NZ)
>                 4PM UTC (~12 noon in New York and ~9am in Vancouver)
>
> CalimeroTeknik is a bash hacker and a student. He is a longtime Arch 
> Linux user (since about May 2008) and released http://ctkarch.org/ in 
> 2009.

Just a short question: Where will the class be? On the IRC channel of 
archlinux.org or somewhere else? And will it be some kind of recorded as 
I might not be able to attend it but I would like to learn something :D

Best regards,

Heiko

From danielwallace at gtmanfred.com  Fri Apr 11 18:27:41 2014
From: danielwallace at gtmanfred.com (Daniel Wallace)
Date: Fri, 11 Apr 2014 22:27:41 +0000
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <53486770.1070005@defuse.ca>
References: <53486164.90204@defuse.ca>
 <5348655C.3000207@gmail.com>,<53486770.1070005@defuse.ca>
Message-ID: <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl>

So you're saying... blindly trusting someone else that is unknown to build and blindly sign a package is more secure
than you downloading the pkgbuild with cower or something, looking at the PKGBUILD, and then using makepkg...

How is that?

Second, where do you propose the computing time and the storage space comes from to support this kind of repository?

Daniel

> Date: Fri, 11 Apr 2014 16:06:40 -0600
> From: havoc at defuse.ca
> To: arch-general at archlinux.org
> Subject: Re: [arch-general] Is Voting Effective?
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 04/11/2014 03:57 PM, Daniel Micay wrote:
> > Packages are included in the repositories if and only if a
> > developer or trusted user is interested in maintaining the package.
> > In my opinion, it's best for packages to be maintained by people
> > who actually use and care about them even if it means that they're
> > in the AUR instead of the official repositories. These AUR
> > maintainers have the opportunity to apply as a trusted user in the
> > future.
> > 
> 
> That's a good point point, and I agree.
> 
> My problem with the AUR is just its lack of security. Even an automatic
> "build and sign as many AUR packages as possible" kind of repository
> would be beneficial, since it would at least ensure that every Arch
> Linux user is getting the same copy of the package, which would make it
> a lot harder for an attack to go unnoticed.
> 
> So, I'm really not annoyed that that important packages are in the AUR
> just for the sake of their being in the AUR. I'm annoyed that their
> being in the AUR makes it extremely difficult to access them securely.
> 
> - -- 
> Taylor Hornby
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> 
> iQIcBAEBAgAGBQJTSGdwAAoJEN+oIJzpZ41d1kcP/iduFcPrS+sfEMF0iZkCpk36
> svscbt9CM6+x92nSLUtdUTbEVIoBSncasVGgm3ktQtZx43+FV6vK2OKozNcC/myX
> l9C0dv+BHcIKz+irNc9elgNU6w7PcmPaPAOokIvS+VWcge+Wcw6+FJbA3GY4IVUk
> YU8XwyCLg8sS+gLEKhSdtKiTDFNIcTXmuZyuF5hxWKsroIrLIQPAfqKh3bgCKUW6
> j6CYeV6PZ7QKdiky7ANOqQ+k3wfmWfk7LhIG/9A0bvvWkf23+mwB6ah8N6verpm9
> TduawhFD7Ns1Wf1n6sJDDlywbq3ZnNvHKVNuz4oKFutgLd9Qh+xtPs1b6cUJ7Par
> IIvcxT5iKduVwTDydAnJffBu4qIHDTS/GH/PA3mO+8TA1jWDYudgxb5rvIrM7tx5
> 3wT5Zv4lSoWdZiRyItViJCYiGpBMUmJVmW6g0t+zQRIzcwrxze151XTWwiBru9/4
> P4Vp6jlfJuHeGijOsJ87yTs385qEPliyCsiH4R/6sOVF10rN7qlMH4rm3MhGZhWw
> u7f3mx49CHE+wvMthmYHxzDDVUtNTAHRnHJ69FV4ZM7d3XdFh3Q92EjdiupguKQx
> hDVCxsa1w2Ayo7l481DY89r+/buWgx/Zya40ZkQPYAGMZQZUNF0R6A2PEMNwLy98
> 58MIP7AB1tYqCjacFh0A
> =ifsP
> -----END PGP SIGNATURE-----
 		 	   		  

From debug at bitwisehero.com  Fri Apr 11 18:41:30 2014
From: debug at bitwisehero.com (Randall D)
Date: Fri, 11 Apr 2014 17:41:30 -0500
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
In-Reply-To: <53486BF6.3060505@gmail.com>
References: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
 <53486BF6.3060505@gmail.com>
Message-ID: <20140411224130.GA26843@ArchBook>

On Sat, Apr 12, 2014 at 12:25:58AM +0200, Heiko Becker wrote:
> Just a short question: Where will the class be? On the IRC channel of
> archlinux.org or somewhere else? And will it be some kind of recorded as I
> might not be able to attend it but I would like to learn something :D
> 
> Best regards,
> 
> Heiko

May I second the request that you record this? I doubt I will be able to
attend, but I would absolutely love the chance to watch any videos or
audio you might provide later.

Best wishes,

Randall
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140411/19a38dd0/attachment.asc>

From fsckdaemon at gmail.com  Fri Apr 11 19:22:11 2014
From: fsckdaemon at gmail.com (fsckd)
Date: Fri, 11 Apr 2014 19:22:11 -0400
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
In-Reply-To: <53486BF6.3060505@gmail.com>
References: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
 <53486BF6.3060505@gmail.com>
Message-ID: <534878d7.8f658c0a.1021.1a25@mx.google.com>

> Am 11.04.2014 21:39, schrieb fsckd:
>> Hello,
>>
>> There will be a class on PKGBUILDs by CalimeroTeknik. It will cover 
>> the basics of packaging and how to write a PKGBUILD. Everyone is 
>> welcome to attend. The only prerequisite is an interest in the topic.
>>
>> Here is a list of topics that may be covered. You can vote for those 
>> which interest you. The ones with the most votes will get more 
>> attention in the class.
>> https://pad.riseup.net/p/pkgbuild-class-apr2014
>>
>> Dates and times: Saturday, April 19, 2014
>>                 9:30AM UTC (~7:30PM in Brisbane AU and ~10:30 in 
>> Wellington NZ)
>>                 4PM UTC (~12 noon in New York and ~9am in Vancouver)
>>
>> CalimeroTeknik is a bash hacker and a student. He is a longtime Arch 
>> Linux user (since about May 2008) and released http://ctkarch.org/ in 
>> 2009.
>
> Just a short question: Where will the class be? On the IRC channel of 
> archlinux.org or somewhere else? And will it be some kind of recorded as 
> I might not be able to attend it but I would like to learn something :D
>
> Best regards,
>
> Heiko

I am sorry, I should have mentioned this in the original post.

The class will be held in the IRC channel #archlinux-classroom on Freenode.

Yes, the class will be logged and a link to the logs will be posted.

The class is offered at two times to accommodate people on opposite sides 
of the world. Both times will be logged.

I hope that answers your questions and some. :)

Regards,
fsckd

From havoc at defuse.ca  Fri Apr 11 19:45:46 2014
From: havoc at defuse.ca (Taylor Hornby)
Date: Fri, 11 Apr 2014 17:45:46 -0600
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl>
References: <53486164.90204@defuse.ca> <5348655C.3000207@gmail.com>,
 <53486770.1070005@defuse.ca>
 <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl>
Message-ID: <53487EAA.30006@defuse.ca>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/11/2014 04:27 PM, Daniel Wallace wrote:
> So you're saying... blindly trusting someone else that is unknown
> to build and blindly sign a package is more secure than you
> downloading the pkgbuild with cower or something, looking at the
> PKGBUILD, and then using makepkg...
> 
> How is that?

No, that person has to be trusted not to actively sign malicious
binaries of their own creation and to keep their private key secret.

I'm saying: A single trusted person blindly building and singing
packages is more secure than everyone blindly building and signing
packages.

It's a single opportunity for attack on everyone versus an opportunity
for an attack each time a user installs a package from the AUR. The
former is more detectable after-the-fact (thus much less likely to be
done by an intelligence agency like the NSA) and can be done in a safer
environment (cable internet connection in the USA vs. a WiFi hotspot in
Syria).

The process could also involve grabbing the files (or hashes) through
different Tor exit nodes and comparing them to make sure they're all the
same, and there's no attacker messing with the local Internet
connection.

> 
> Second, where do you propose the computing time and the storage
> space comes from to support this kind of repository?
> 

Would it really be that much? How do other distributions manage it?

- -Taylor

- -- 
Taylor Hornby
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTSH6qAAoJEN+oIJzpZ41dEiEP/i2/galkxDm6TLC4PZW+E8Qd
vPmnZ4hfgLbeK7Xwj6Wj7mS23T+RmydQTkLjaxJtsnmTF4zU5JNaHhz/bKyp1OKf
eoWQeCJWQqEEDnLhN0M1jYif85VT14ZEVLcuTsRmG8+AM6rJQ75kM9KiSN8GzXr4
yzlsxiHIWj6i8s/myl2zOj+WVmat18Ia/6971Jf0kWKKXn1gKz69EtJpvQPpQMas
DmQqlgVVpNtrOUwmai0JcJbgDe5CMUCKhtHfcWASaGlGFbx4epe49YRdOTupj3BZ
e7Xt31Dd6f5Pbb3uMFaYv1CnTtysjWvDJMMa0jt/izHggmOsaDTf7cEDAOu5tDmO
nGC3L5InWIIHMeH/EA+ct29OaXmIqLZg/pvlOgL/vhSNLhFVbNaeZhSeiuWuAccK
ktT4I/z5n+FuDpi8iIJbdBgAevSDpW5e5iWh9T4vzXtddWXrJQlbvOiYAM5FmTgN
Hyz0VKQD2ge7gIA0rXRdLCOoHX11mO0K6KKgDj8t/Ty6FR2wr4WF6cn7rZUsen4s
Cl0Hdaz06wx9fF6S3Vae4bpZxAIDvz/bfaOSxDWlDCdgryx++aKIQwW3tHtn1+zu
Ux7Urd9ccTOFMwStMPOLQnpfoo1f1MlDPtFvvbA3klCFMDTkCHBTFv9yofr16FtW
VU48Tf5CZaUzggKll0x6
=/UiM
-----END PGP SIGNATURE-----

From havoc at defuse.ca  Fri Apr 11 19:58:02 2014
From: havoc at defuse.ca (Taylor Hornby)
Date: Fri, 11 Apr 2014 17:58:02 -0600
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl>
References: <53486164.90204@defuse.ca> <5348655C.3000207@gmail.com>,
 <53486770.1070005@defuse.ca>
 <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl>
Message-ID: <5348818A.3090309@defuse.ca>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/11/2014 04:27 PM, Daniel Wallace wrote:
> So you're saying... blindly trusting someone else that is unknown
> to build and blindly sign a package is more secure than you
> downloading the pkgbuild with cower or something, looking at the
> PKGBUILD, and then using makepkg...

I'd also argue that not all users know how to do that, and the process
is time consuming (especially when there are dozens of dependencies), so
it's effectively impossible for a subset of users.

I realize that contradicts the "user-centric not user-friendly" section
of The Arch Way, but if there's any reason something should be allowed
to violate that rule, it's security.

- -- 
Taylor Hornby
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTSIGKAAoJEN+oIJzpZ41dolcQAJp7fWsCQoXCviRj5zvFJbRw
fFxpOfV6La58qSMO7GeKR1kYxnQWCjwiV+4SkqO8WJ5hnBFEE8EYLdAoW62PB8yK
oDZICgd1B7Ut84j5UfmbNdNQ63pU9YY7cas/iNaqDbe/DR2q0tgcbRFC/oQRNchF
h5M6yX8IsId0qUT9Omo+gsmpW+uUEhj99o0Hormu2Vrv5P9jIZHqN3fD9+w5NNrZ
BM+cU23P01H+oSU2kUsoiv2Hh+X2p4TZJdVeBhnsKbuvSoKHdTf5aC87SgS0UdF0
1p1G+gNSlWLhPsmMAd9ranydH2AC2xupHAc4fPGVIGU2SygpKN9qgBZmgnqMnR+3
1cPmz5/94L+Rl+J2kv79vgLzDphILwSNN+69DRuXbMv3lmzYwdYLZ1nz5YT7NPP7
N798pzsIsKvLc4Nklbl2xUKYSSByX7eymVuPMxqP8DI329mXf0fJFeAg1NrZaJ8U
phbHJN7AN5Uz1WQhOvI5bh7mCecTyDCtdppAVMjcVBmfgKE1cvcWdqeo/KpqEF3b
8KX2zD0mDBsQ4Ww2XqlPiev7u6XJMqUY9Vi8R+wY2wfSz7acVux497ZIMfWixfNq
Sl0bfEvdYOhAhWq1+jk/G4MDds5nptLj7CZq2FUhBIDmMdn35nJ7mHebPZ8RtVsX
ANNCsGQLwqvAHdm7Fo4H
=PTfZ
-----END PGP SIGNATURE-----

From mark at markelee.com  Fri Apr 11 20:17:09 2014
From: mark at markelee.com (Mark Lee)
Date: Fri, 11 Apr 2014 20:17:09 -0400
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <53487EAA.30006@defuse.ca>
References: <53486164.90204@defuse.ca> <5348655C.3000207@gmail.com>,
 <53486770.1070005@defuse.ca>
 <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl> <53487EAA.30006@defuse.ca>
Message-ID: <53488605.6090902@markelee.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 04/11/2014 07:45 PM, Taylor Hornby wrote:
> On 04/11/2014 04:27 PM, Daniel Wallace wrote:
>> So you're saying... blindly trusting someone else that is unknown
>> to build and blindly sign a package is more secure than you
>> downloading the pkgbuild with cower or something, looking at the
>> PKGBUILD, and then using makepkg...
> 
>> How is that?
> 
> No, that person has to be trusted not to actively sign malicious
> binaries of their own creation and to keep their private key secret.
> 
> I'm saying: A single trusted person blindly building and singing
> packages is more secure than everyone blindly building and signing
> packages.
> 
> It's a single opportunity for attack on everyone versus an opportunity
> for an attack each time a user installs a package from the AUR. The
> former is more detectable after-the-fact (thus much less likely to be
> done by an intelligence agency like the NSA) and can be done in a safer
> environment (cable internet connection in the USA vs. a WiFi hotspot in
> Syria).
> 
> The process could also involve grabbing the files (or hashes) through
> different Tor exit nodes and comparing them to make sure they're all the
> same, and there's no attacker messing with the local Internet
> connection.
> 
> 
>> Second, where do you propose the computing time and the storage
>> space comes from to support this kind of repository?
> 
> 
> Would it really be that much? How do other distributions manage it?
> 
> -Taylor
> 
> 

Salutations,

The point of Arch is that security is mainly a user concern. Arch
doesn't target users who would just blindly install packages from the
AUR without reading the PKGBUILD first, or reading the source code as
another step. If one doesn't know how to compile and/or modify the code
they are using, they really shouldn't be using the code. While other
distributions do this, I strongly disagree with it.

Arch users should read the wiki on how to compile with makepkg before
attempting to install packages from the AUR. By the way, installing a
package can be as simple as "$ makepkg -s -r -i" or more complicated if
further dependencies must be compiled.

Security through a messiah is as useful as security through obscurity.

Regards,
Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iF4EAREIAAYFAlNIhgUACgkQZ/Z80n6+J/ZudAD/QSrAwDUtelbUV9MKB6m51tSi
j/8orGFQE4uaUPb6hwwA/Alcgy8mLCTExbbVPDy7TPwYHW5tp9+moDs+enMHA4sv
=ES3a
-----END PGP SIGNATURE-----

From enwukaer at gmail.com  Fri Apr 11 20:28:55 2014
From: enwukaer at gmail.com (Nowaker)
Date: Sat, 12 Apr 2014 02:28:55 +0200
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <53487EAA.30006@defuse.ca>
References: <53486164.90204@defuse.ca> <5348655C.3000207@gmail.com>,
 <53486770.1070005@defuse.ca>
 <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl> <53487EAA.30006@defuse.ca>
Message-ID: <534888C7.4060903@gmail.com>

Hi guys,

I really enjoy our status quo with AUR. This is the first user-repo in 
the Linux world that is easy to talk to. Just compare to these Ubuntu's 
PPAs that you first need to find and trust. I really prefer to run 
yaourt -Ss package-i-am-looking-for, and not to Google for "arch linux 
package-i-am-looking-for", then call repo-add, etc. Staying in the 
console is a very big plus for me.

I am also satisfied with how AUR users keep it clean. Delete requests 
(including binaries directly in the PKGBUILD!), merge requests, disown 
requests... While there could be more automation involved, I do believe 
AUR is the best user-repo I have ever used.

Lastly, I am OK to build the packages myself. After all, I see the 
PKGBUILD, which is just simple code. Or even alternatively I see where 
the binaries are downloaded from. If they are downloaded from the 
upstream I am totally OK with that. Binaries built by AUR wouldn't be nice.

> The process could also involve grabbing the files (or hashes) through
> different Tor exit nodes and comparing them to make sure they're all the
> same, and there's no attacker messing with the local Internet
> connection.

This is the *only* improvement I could see for AUR. Not only trust 
sha256sums provided by the maintainer, but also have a guarantee that 
these sha256sums are validated by AUR. If they don't match - the package 
is not available for download.

Anything else like binaries built by AUR itself, trusting the users, 
finding their private repos etc. I do oppose.


Regarding the subject (Is Voting Effective?). Theoretically, packages 
are picked from AUR to [community] according to the number of votes. 
However, I have never seen anything like that. Any time a new Trusted 
User candidate asks to join the team, they list packages that they want 
to move from AUR to [community]. It's totally arbitrary. If there's no 
one to be interested in maintaining the package, it remains in AUR. Fine 
by me.

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From kyleterrien at gmail.com  Fri Apr 11 22:08:04 2014
From: kyleterrien at gmail.com (Kyle Terrien)
Date: Fri, 11 Apr 2014 19:08:04 -0700
Subject: [arch-general] Bug NetworkManager when restart NetworkManager
 service
In-Reply-To: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
References: <CAJ2aOA-90Z9BnHXF5Cey=j1FmWM3CPYFZys0USJDhYB4t06U3A@mail.gmail.com>
Message-ID: <5348A004.7020302@gmail.com>

On 04/08/2014 04:31 AM, Maykel Franco wrote:
> Hi, I change for example dns in networkmanager, when restart
> NetworkManager , "systemctl restart NetworkManager" the network not
> works...
> 
> [maykel at maykel-arch ~]$ sudo systemctl status NetworkManager
> ? NetworkManager.service - Network Manager
>    Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled)
>    Active: active (running) since mar 2014-04-08 12:24:13 CEST; 19s ago
>  Main PID: 3082 (NetworkManager)
>    CGroup: /system.slice/NetworkManager.service
>            ??1223 /usr/bin/dhcpcd -B -K -L -G -c
> /usr/lib/networkmanager/nm-dhcp-client.action enp4s0f2
>            ??3082 /usr/bin/NetworkManager --no-daemon
> 
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> (enp4s0f2):
> DHCPv4 client pid 3093 exited with status 1
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> Activation
> (enp4s0f2) Stage 4 of 5 (IPv4 Configure Timeout) scheduled...
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> Activation
> (enp4s0f2) Stage 4 of 5 (IPv4 Configure Timeout) started...
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> (enp4s0f2):
> device state change: ip-config -> failed (reason
> 'ip-config-unavailable') [70 120 5]
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info>
> NetworkManager state is now DISCONNECTED
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> Marking
> connection 'MO2O' invalid.
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <warn> Activation
> (enp4s0f2) failed for connection 'MO2O'
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> Activation
> (enp4s0f2) Stage 4 of 5 (IPv4 Configure Timeout) complete.
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> (enp4s0f2):
> device state change: failed -> disconnected (reason 'none') [120 30 0]
> abr 08 12:24:22 maykel-arch NetworkManager[3082]: <info> (enp4s0f2):
> deactivating device (reason 'none') [0]
> 
> I have reboot my computer for network on again.
> 
> Is a bug networkmanager?
> 
> The version is:
> 
> maykel-arch /home/maykel # NetworkManager --version
> 0.9.8.8
> 
> Thanks in advanced.
> 

I did some more poking around. This is a bug in NetworkManager [1]. When
dhcpcd is running before NetworkManager (e.g. left running by a previous
instance of NetworkManager), NetworkManager does not properly restart
dhcpcd.

The workaround is to install dhclient.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=723746

--Kyle

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140411/8ca7aca4/attachment.asc>

From paladin at jstation.cz  Sat Apr 12 03:21:12 2014
From: paladin at jstation.cz (Paladin)
Date: Sat, 12 Apr 2014 09:21:12 +0200
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <5348818A.3090309@defuse.ca>
References: <53486164.90204@defuse.ca> <5348655C.3000207@gmail.com>
 <53486770.1070005@defuse.ca>
 <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl>
 <5348818A.3090309@defuse.ca>
Message-ID: <20140412072107.GA1938@jstation.cz>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On , Taylor Hornby wrote:
> I'd also argue that not all users know how to do that, and the process
> is time consuming (especially when there are dozens of dependencies), so
> it's effectively impossible for a subset of users.

There are tools which (somewhat) simplifies that. E.g. yaourt.

P.
- -- 
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJTSOljAAoJEID0iULc54suX80P/0zeQgyw/hc9H615C1mPdD/i
8E0TZap+9CDLoKBxeCXQWcbrtf1fUwA4zeWKtDLtL/r8bN9foYgp4UCBgRxb6JKV
RPDuMEtAMQDNi/vTgMCIVUmPeZ7h05jEXo+BLpZJAXCkdeDFANyNd9d5gIiGCfqM
jLfzZLf2kY3QGBzB5GcEa84vRxsrUOu3GdB3qpd1XXZtqkZuucpvIqBSEphBcbdt
r17HkIDYGGySSEgqJWaz2r6daDGnCqIdEtMdeq1sn040Nec83RRIsxyKKd++VScp
dQItgOmsWTmxxgBbbgJIACNx7ROSWxiUtVjZdPzzZyQgFz9etpA5xOkUdgylC+m0
mVeaJXDG+OQiF9PyhWjgD82/IbJT6PHHEOLhFnw1f6RPZgB3X1yCLfOKUAtnLiBq
GONIcyhHLVLbTp8jg8qiCnPG0osVzdPACt3SLI1NYAnZcWB1InVKYhfohaXcBiJN
kxSKR3AhUaAhWI6LrvRFWxngnf+8AmTQ3TOK9fF9q/BtLwCxf+InxYXEtyH08LCM
jgOGzfXioWfd1Ec6/o9PA/94l8K9sbY+DfLHFwJ+o/sFsuwIyQvllzsGKePQC+AL
YRaYNLa/dP9KVjX37xc85zUUKuM/vhVkCLxDNy2IXd9faxdExdbsj0ZeVV6TU8uy
1pSlIgfn1zw+q8odw5h6
=mF5K
-----END PGP SIGNATURE-----

From felixonmars at gmail.com  Sat Apr 12 04:24:45 2014
From: felixonmars at gmail.com (Felix Yan)
Date: Sat, 12 Apr 2014 16:24:45 +0800
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <534888C7.4060903@gmail.com>
References: <53486164.90204@defuse.ca> <53487EAA.30006@defuse.ca>
 <534888C7.4060903@gmail.com>
Message-ID: <7364425.dT6nKRIFfR@felix-arch>

On Saturday, April 12, 2014 02:28:55 Nowaker wrote:
> Regarding the subject (Is Voting Effective?). Theoretically, packages
> are picked from AUR to [community] according to the number of votes.
> However, I have never seen anything like that. Any time a new Trusted
> User candidate asks to join the team, they list packages that they want
> to move from AUR to [community]. It's totally arbitrary. If there's no
> one to be interested in maintaining the package, it remains in AUR. Fine
> by me.

Actually I think the voting system works as an indicator of eligible or not, 
but not at all for priority.

For example, community/aurphan is a helper tool in the official repos. The "-
e" option will give a list of installed AUR packages that having at least 10 
votes.

An Arch Linux Developer or Trusted User can occasionally query the AUR (or use 
some tool like aurphan) looking for those he/she want to move. Take myself as 
an example, I have used aurphan to find dozens of python packages to move to 
[community].

Regards,
Felix Yan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140412/cda3b212/attachment-0001.asc>

From lm at zork.pl  Sat Apr 12 08:49:50 2014
From: lm at zork.pl (=?UTF-8?B?xYF1a2FzeiBNaWNoYWxza2k=?=)
Date: Sat, 12 Apr 2014 14:49:50 +0200
Subject: [arch-general] cyrus-sasl problems
Message-ID: <5349366E.7030108@zork.pl>

Hi,

Today I upgraded arch and have problems with sasl 2.1.26:

[root at black etc]# sasldblistusers2 -f /etc/sasldb2.broken
listusers failed

I can dump and recreate this file with db_dump and db_load, but even 
after that sasldblistuser2 and saslpasswd refuse to use this file.

I can use sasl 2.1.15 from other distro read and update this file, but 
on all my arch distros sasl 2.1.26 refuses to read it.

I can create plain new file with saslpasswd and it works correctly.

Anyone had similar problems?

Regards,
?ukasz

From krejzi at email.com  Sat Apr 12 12:31:35 2014
From: krejzi at email.com (Armin K.)
Date: Sat, 12 Apr 2014 18:31:35 +0200
Subject: [arch-general] cyrus-sasl problems
In-Reply-To: <5349366E.7030108@zork.pl>
References: <5349366E.7030108@zork.pl>
Message-ID: <53496A67.5050801@email.com>

On 04/12/2014 02:49 PM, ?ukasz Michalski wrote:
> Hi,
> 
> Today I upgraded arch and have problems with sasl 2.1.26:
> 
> [root at black etc]# sasldblistusers2 -f /etc/sasldb2.broken
> listusers failed
> 
> I can dump and recreate this file with db_dump and db_load, but even
> after that sasldblistuser2 and saslpasswd refuse to use this file.
> 
> I can use sasl 2.1.15 from other distro read and update this file, but
> on all my arch distros sasl 2.1.26 refuses to read it.
> 
> I can create plain new file with saslpasswd and it works correctly.
> 
> Anyone had similar problems?
> 
> Regards,
> ?ukasz

Archlinux builds cyrus-sasl with gdbm instead of berkeley db nowadays.
Maybe that's your issue. You could try rebuilding cyrus-sasl with
berkeley db support and see if it fixes your issue.

-- 
Note: My last name is not Krejzi.

From alexander3223098 at gmail.com  Sun Apr 13 04:28:07 2014
From: alexander3223098 at gmail.com (Alex Jordan)
Date: Sun, 13 Apr 2014 01:28:07 -0700
Subject: [arch-general] Is Voting Effective?
In-Reply-To: <53487EAA.30006@defuse.ca>
References: <53486164.90204@defuse.ca> <5348655C.3000207@gmail.com>
 <53486770.1070005@defuse.ca>
 <BAY179-W36BCDC7C2CE5B5E9E654C7AB540@phx.gbl>
 <53487EAA.30006@defuse.ca>
Message-ID: <CAFSuKHL5RyBmnNYX1-OvbfVogZ-iY8N8bBRMK=aAtcVQBk+XYg@mail.gmail.com>

On Apr 11, 2014 4:45 PM, "Taylor Hornby" <havoc at defuse.ca> wrote:
> I'm saying: A single trusted person blindly building and singing
> packages is more secure than everyone blindly building and signing
> packages.
As others have said: users should not be blindly building and installing
packages. Friendly reminder that install scriptlets run as root with no
restrictions.

> Would it really be that much? How do other distributions manage it?
Yes, it would be that much. Other distributions manage it by either having
much, much larger communities than us (e.g. Debian), and thus much more
potential donators, or by having corporate backing (e.g. Ubuntu, Fedora).

From m at xbra.de  Sun Apr 13 16:23:29 2014
From: m at xbra.de (=?UTF-8?Q?Maximilian_Br=C3=A4utigam?=)
Date: Sun, 13 Apr 2014 22:23:29 +0200
Subject: [arch-general] Btrfs RAID1 corrupted after crash
Message-ID: <CAA7TVBwb3a6QeoLr_5BzNgwtrYETF+VOCHY1THmcg+O5EhPUEA@mail.gmail.com>

Dear all,

unfortunately, I am very very deperate and I highly appreciate any help.
One week ago, I move my entire system to btrfs to setup a RAID1. I
created the RAID between device /dev/sdb and /dev/sdc with no
partition table on normal HDDs. Everything was working smoothly until
my computer crashed and at reboot I was not able to mount the device
(my home dir) again and got the following messages:

[  125.834802] BTRFS info (device sdc): disk space caching is enabled
[  130.600101] BTRFS error (device sdc): block group 1268688879616 has
wrong amount of free space
[  130.600113] BTRFS error (device sdc): failed to load free space
cache for block group 1268688879616
[  130.751274] BTRFS critical (device sdc): corrupt leaf, slot offset
bad: block=1268477591552,root=1, slot=137
[  130.751659] BTRFS critical (device sdc): corrupt leaf, slot offset
bad: block=1268477591552,root=1, slot=137

So I cleared the cache with trying the mount option clear_cache, but
it stayed problematic and I was not able to mount it:

[  368.159594] BTRFS: error (device sdc) in __btrfs_free_extent:5755:
errno=-5 IO failure
[  368.159602] BTRFS: error (device sdc) in
btrfs_run_delayed_refs:2713: errno=-5 IO failure
[  368.165584] BTRFS warning (device sdc): Skipping commit of aborted
transaction.
[  368.165589] BTRFS: error (device sdc) in cleanup_transaction:1545:
errno=-5 IO failure
[  368.165787] BTRFS: error (device sdc) in open_ctree:2839: errno=-5
IO failure (Failed to recover log tree)
[  368.227161] BTRFS: open_ctree failed

Now, if I tried to mount it manually with degraded option enabled:

# mount -t btrfs -o degraded /dev/sdb /mnt/sonst/
mount: wrong fs type, bad option, bad superblock on /dev/sdb,
       missing codepage or helper program, or other error

       In some cases useful info is found in syslog - try
       dmesg | tail or so.

Now I run btrfsck with repair option enabled but still I cannot mount it.
Here you can find the dmesg and btrfsck outputs:
dmesg: http://pastebin.com/zsaKQ0h1
btrfsck: http://pastebin.com/xva6uJwT

Please, help me! ;( Are there other options to investigate my RAID or
to even temporarily mount it to get some data? What went wrong here?
What can I do? Why is a simple crash making my RAID unusable? Can I
use other tools for a recovery?

Again, every help is highly appreciated.
Best wishes,
Max
PS: Archlinux, linux-3.14-5, btrfs-progs-3.14-1

From letter at openmailbox.org  Sun Apr 13 16:55:13 2014
From: letter at openmailbox.org (message)
Date: Sun, 13 Apr 2014 20:55:13 +0000
Subject: [arch-general] sound in gnome, none in xfce
Message-ID: <fef807390f9816f5fb38d7280c9128d9@openmailbox.org>

Readers,

In gnome, sound is enabled and can be adjusted via the keyboard function 
keys (e.g. fn + ^). This doesn't work in xfce. What is the cause in this 
different behaviour and any ideas how to solve please?


From bjo at nord-west.org  Sun Apr 13 17:06:29 2014
From: bjo at nord-west.org (Bjoern Franke)
Date: Sun, 13 Apr 2014 23:06:29 +0200
Subject: [arch-general] sound in gnome, none in xfce
In-Reply-To: <fef807390f9816f5fb38d7280c9128d9@openmailbox.org>
References: <fef807390f9816f5fb38d7280c9128d9@openmailbox.org>
Message-ID: <534AFC55.4040007@nord-west.org>

Am 13.04.2014 22:55, schrieb message:
> Readers,
> 
> In gnome, sound is enabled and can be adjusted via the keyboard function 
> keys (e.g. fn + ^). This doesn't work in xfce. What is the cause in this 
> different behaviour and any ideas how to solve please?
> 

Next time read the docs:
https://wiki.archlinux.org/index.php/Xfce#Keyboard_Volume_Buttons

-- 
xmpp bjo at schafweide.org
bjo.nord-west.org | nord-west.org

From leodag.sch at gmail.com  Sun Apr 13 17:40:28 2014
From: leodag.sch at gmail.com (Leonardo Dagnino)
Date: Sun, 13 Apr 2014 18:40:28 -0300
Subject: [arch-general] Btrfs RAID1 corrupted after crash
In-Reply-To: <CAA7TVBwb3a6QeoLr_5BzNgwtrYETF+VOCHY1THmcg+O5EhPUEA@mail.gmail.com>
References: <CAA7TVBwb3a6QeoLr_5BzNgwtrYETF+VOCHY1THmcg+O5EhPUEA@mail.gmail.com>
Message-ID: <CANtbE_zTAPwnDrmSDRGTobh_uNZXbxfbgR8R00JVnbry0KJp-Q@mail.gmail.com>

2014-04-13 17:23 GMT-03:00 Maximilian Br?utigam <m at xbra.de>:
> Dear all,
>
> unfortunately, I am very very deperate and I highly appreciate any help.
> One week ago, I move my entire system to btrfs to setup a RAID1. I
> created the RAID between device /dev/sdb and /dev/sdc with no
> partition table on normal HDDs. Everything was working smoothly until
> my computer crashed and at reboot I was not able to mount the device
> (my home dir) again and got the following messages:
>
> [  125.834802] BTRFS info (device sdc): disk space caching is enabled
> [  130.600101] BTRFS error (device sdc): block group 1268688879616 has
> wrong amount of free space
> [  130.600113] BTRFS error (device sdc): failed to load free space
> cache for block group 1268688879616
> [  130.751274] BTRFS critical (device sdc): corrupt leaf, slot offset
> bad: block=1268477591552,root=1, slot=137
> [  130.751659] BTRFS critical (device sdc): corrupt leaf, slot offset
> bad: block=1268477591552,root=1, slot=137
>
> So I cleared the cache with trying the mount option clear_cache, but
> it stayed problematic and I was not able to mount it:
>
> [  368.159594] BTRFS: error (device sdc) in __btrfs_free_extent:5755:
> errno=-5 IO failure
> [  368.159602] BTRFS: error (device sdc) in
> btrfs_run_delayed_refs:2713: errno=-5 IO failure
> [  368.165584] BTRFS warning (device sdc): Skipping commit of aborted
> transaction.
> [  368.165589] BTRFS: error (device sdc) in cleanup_transaction:1545:
> errno=-5 IO failure
> [  368.165787] BTRFS: error (device sdc) in open_ctree:2839: errno=-5
> IO failure (Failed to recover log tree)
> [  368.227161] BTRFS: open_ctree failed
>
> Now, if I tried to mount it manually with degraded option enabled:
>
> # mount -t btrfs -o degraded /dev/sdb /mnt/sonst/
> mount: wrong fs type, bad option, bad superblock on /dev/sdb,
>        missing codepage or helper program, or other error
>
>        In some cases useful info is found in syslog - try
>        dmesg | tail or so.
>
> Now I run btrfsck with repair option enabled but still I cannot mount it.
> Here you can find the dmesg and btrfsck outputs:
> dmesg: http://pastebin.com/zsaKQ0h1
> btrfsck: http://pastebin.com/xva6uJwT
>
> Please, help me! ;( Are there other options to investigate my RAID or
> to even temporarily mount it to get some data? What went wrong here?
> What can I do? Why is a simple crash making my RAID unusable? Can I
> use other tools for a recovery?
>
> Again, every help is highly appreciated.
> Best wishes,
> Max
> PS: Archlinux, linux-3.14-5, btrfs-progs-3.14-1

I don't really know a lot about RAID volumes, but shouldn't there be a
way to mount only one half of the array (only one of the partitions in
RAID)?
Also, if you recently updated anything that may be the cause of the
problem (I'd say the kernel), you may try to create a bootable USB
with the previous version of said packages to access or restore it.

Best regards,
-- 
Leonardo Dagnino

From registo.mailling at gmail.com  Sun Apr 13 17:53:35 2014
From: registo.mailling at gmail.com (Mauro Santos)
Date: Sun, 13 Apr 2014 22:53:35 +0100
Subject: [arch-general] Btrfs RAID1 corrupted after crash
In-Reply-To: <CAA7TVBwb3a6QeoLr_5BzNgwtrYETF+VOCHY1THmcg+O5EhPUEA@mail.gmail.com>
References: <CAA7TVBwb3a6QeoLr_5BzNgwtrYETF+VOCHY1THmcg+O5EhPUEA@mail.gmail.com>
Message-ID: <534B075F.60906@gmail.com>

On 13-04-2014 21:23, Maximilian Br?utigam wrote:
> Please, help me! ;( Are there other options to investigate my RAID or
> to even temporarily mount it to get some data? What went wrong here?
> What can I do? Why is a simple crash making my RAID unusable? Can I
> use other tools for a recovery?
> 
> Again, every help is highly appreciated.
> Best wishes,
> Max
> PS: Archlinux, linux-3.14-5, btrfs-progs-3.14-1
> 

First leave both disks alone, don't do anything else with/to them, no
fsck or trying to mount them with non-default options.

Second go to the BTRFS IRC channel [1] and ask for help there, I'd say
that's the place where it might be easier to find the most qualified help.

Explain your problem from the start, say which kernel and tool versions
you are using and provide any other information you think that may
useful, such as what you have already tried. Keep your head cool, be
patient and polite.

[1]
https://btrfs.wiki.kernel.org/index.php/Main_Page#Project_information.2FContact

-- 
Mauro Santos

From rodrigorivascosta at gmail.com  Sun Apr 13 18:15:50 2014
From: rodrigorivascosta at gmail.com (Rodrigo Rivas)
Date: Mon, 14 Apr 2014 00:15:50 +0200
Subject: [arch-general] Btrfs RAID1 corrupted after crash
In-Reply-To: <CAA7TVBwb3a6QeoLr_5BzNgwtrYETF+VOCHY1THmcg+O5EhPUEA@mail.gmail.com>
References: <CAA7TVBwb3a6QeoLr_5BzNgwtrYETF+VOCHY1THmcg+O5EhPUEA@mail.gmail.com>
Message-ID: <CABNG1c19E_8VSovoTX1x62xEOmd-0Jn4xDwToJOcCQEk=YHcUg@mail.gmail.com>

On Sun, Apr 13, 2014 at 10:23 PM, Maximilian Br?utigam <m at xbra.de> wrote:

> Please, help me! ;( Are there other options to investigate my RAID or
> to even temporarily mount it to get some data? What went wrong here?
> What can I do? Why is a simple crash making my RAID unusable? Can I
> use other tools for a recovery?

I've had (a lot of) luck in the past with "btrfs restore" [1]. It will
not fix your volumes, but it will copy whatever it can read from the
disk to a safe place. If it is a RAID1 both disks should hold the same
data, so you can try btrfs-restoring first one and then the other...

HTH

[1]: https://btrfs.wiki.kernel.org/index.php/Restore

From javierbuilder at gmail.com  Sun Apr 13 19:44:15 2014
From: javierbuilder at gmail.com (FREE LANCE)
Date: Sun, 13 Apr 2014 23:44:15 +0000 (UTC)
Subject: [arch-general] Invitation to connect on LinkedIn
Message-ID: <646884747.11034000.1397432655685.JavaMail.app@ela4-app1534.prod>

LinkedIn
------------



I'd like to add you to my professional network on LinkedIn.

- FREE

FREE LANCE
Independent Computer Software Professional
Argentina

Confirm that you know FREE LANCE:
https://www.linkedin.com/e/j2jirp-htyzbm0v-o/isd/5861257343441854464/66yylPuz/?hs=false&tok=2VhdQu1dmMoCc1

--
You are receiving Invitation to Connect emails. Click to unsubscribe:
http://www.linkedin.com/e/j2jirp-htyzbm0v-o/URVwc-9dcTd5kGQV68qFBFAwcTxbHZhtaNkxhTYz/goo/arch-general%40archlinux%2Eorg/20061/I6882148449_1/?hs=false&tok=1oFdOAbTmMoCc1

(c) 2012 LinkedIn Corporation. 2029 Stierlin Ct, Mountain View, CA 94043, USA.


  

From dany118 at gmail.com  Mon Apr 14 02:28:05 2014
From: dany118 at gmail.com (Dany De Bontridder)
Date: Mon, 14 Apr 2014 08:28:05 +0200
Subject: [arch-general] Invitation to connect on LinkedIn
In-Reply-To: <646884747.11034000.1397432655685.JavaMail.app@ela4-app1534.prod>
References: <646884747.11034000.1397432655685.JavaMail.app@ela4-app1534.prod>
Message-ID: <CAM9dODHJ+LLwuu6V5kJDp1F0chgWsgJ0W0sw1eYiDCT2BDn4ZQ@mail.gmail.com>

Hi,

You want to connect linkedin with  a mailing list ?

D


On Mon, Apr 14, 2014 at 1:44 AM, FREE LANCE <javierbuilder at gmail.com> wrote:

> LinkedIn
> ------------
>
>
>
> I'd like to add you to my professional network on LinkedIn.
>
> - FREE
>
> FREE LANCE
> Independent Computer Software Professional
> Argentina
>
> Confirm that you know FREE LANCE:
>
> https://www.linkedin.com/e/j2jirp-htyzbm0v-o/isd/5861257343441854464/66yylPuz/?hs=false&tok=2VhdQu1dmMoCc1
>
> --
> You are receiving Invitation to Connect emails. Click to unsubscribe:
>
> http://www.linkedin.com/e/j2jirp-htyzbm0v-o/URVwc-9dcTd5kGQV68qFBFAwcTxbHZhtaNkxhTYz/goo/arch-general%40archlinux%2Eorg/20061/I6882148449_1/?hs=false&tok=1oFdOAbTmMoCc1
>
> (c) 2012 LinkedIn Corporation. 2029 Stierlin Ct, Mountain View, CA 94043,
> USA.
>
>
>
>

From m at xbra.de  Mon Apr 14 03:21:28 2014
From: m at xbra.de (=?UTF-8?B?TWF4aW1pbGlhbiBCcsOkdXRpZ2Ft?=)
Date: Mon, 14 Apr 2014 09:21:28 +0200
Subject: [arch-general] [PARTIALLY SOLVED] Btrfs RAID1 corrupted after
 crash
In-Reply-To: <CABNG1c19E_8VSovoTX1x62xEOmd-0Jn4xDwToJOcCQEk=YHcUg@mail.gmail.com>
References: <CAA7TVBwb3a6QeoLr_5BzNgwtrYETF+VOCHY1THmcg+O5EhPUEA@mail.gmail.com>
 <CABNG1c19E_8VSovoTX1x62xEOmd-0Jn4xDwToJOcCQEk=YHcUg@mail.gmail.com>
Message-ID: <534B8C78.3050504@xbra.de>

Am 14.04.2014 00:15, schrieb Rodrigo Rivas:
> On Sun, Apr 13, 2014 at 10:23 PM, Maximilian Br?utigam <m at xbra.de> wrote:
> 
>> Please, help me! ;( Are there other options to investigate my RAID or
>> to even temporarily mount it to get some data? What went wrong here?
>> What can I do? Why is a simple crash making my RAID unusable? Can I
>> use other tools for a recovery?
> 
> I've had (a lot of) luck in the past with "btrfs restore" [1]. It will
> not fix your volumes, but it will copy whatever it can read from the
> disk to a safe place. If it is a RAID1 both disks should hold the same
> data, so you can try btrfs-restoring first one and then the other...
> 
> HTH
> 
> [1]: https://btrfs.wiki.kernel.org/index.php/Restore
> 

Hi all,

thanks for your replies. I tried several things according to [1].

1) btrfs restore
Was not really working, only a few GB of my data.

2) then I realised some "transid verify failed", so I did a
btrfs-zero-log DEVICE

3) From here I was able to mount my volume again ? so I could save my
latest photos.

When I mount my volume with autodefrag,compress=lzo,subvolid=0, I end up
with a "rw" mounted device. Then I copy some data with e.g. rsync and it
turns to "ro" at some point. I found this while I wanted to scrub the
devices, but this is naturally only working for writable mounts. And it
is still ? I don't know why ? not possible to boot from the device again.

Things to do next: try again with recovery option. If this is not
working: roll back to ext4. But I really like the idea behind COW,
subvolumes, no partitioning, RAID and everything in one fs. Snapshots
against user mistakes, RAID against disk failure ? perfectly save, if
there was not the fs itself.

So far, so good. The problem is, that even if I can come back to a fully
working device or RAID again, the work load (that I have to put in just
because my computer crashed) is much to high for something profound like
a home dir.

Unfortunately, the only thing I learned to far is to give btrfs some
more decades to age. More ideas are of course welcome.

Best wishes and thanks again,
Max

[1] https://unix.stackexchange.com/questions/32440/how-do-i-fix-btrfs

From sean at seangreenslade.com  Mon Apr 14 09:20:29 2014
From: sean at seangreenslade.com (Sean Greenslade)
Date: Mon, 14 Apr 2014 09:20:29 -0400
Subject: [arch-general] Invitation to connect on LinkedIn
In-Reply-To: <CAM9dODHJ+LLwuu6V5kJDp1F0chgWsgJ0W0sw1eYiDCT2BDn4ZQ@mail.gmail.com>
References: <646884747.11034000.1397432655685.JavaMail.app@ela4-app1534.prod>
 <CAM9dODHJ+LLwuu6V5kJDp1F0chgWsgJ0W0sw1eYiDCT2BDn4ZQ@mail.gmail.com>
Message-ID: <9bbf14a1-436c-4b09-a046-fb9f9f9479fa@email.android.com>

On April 14, 2014 2:28:05 AM EDT, Dany De Bontridder <dany118 at gmail.com> wrote:
>Hi,
>
>You want to connect linkedin with  a mailing list ?
>
>D

I suspect he made the rookie mistake of giving LinkedIn his gmail credentials.

-- 
--Sean

From savya.jha91 at gmail.com  Mon Apr 14 09:22:29 2014
From: savya.jha91 at gmail.com (Savyasachee Jha)
Date: Mon, 14 Apr 2014 22:22:29 +0900
Subject: [arch-general] Invitation to connect on LinkedIn
In-Reply-To: <9bbf14a1-436c-4b09-a046-fb9f9f9479fa@email.android.com>
References: <646884747.11034000.1397432655685.JavaMail.app@ela4-app1534.prod>
 <CAM9dODHJ+LLwuu6V5kJDp1F0chgWsgJ0W0sw1eYiDCT2BDn4ZQ@mail.gmail.com>
 <9bbf14a1-436c-4b09-a046-fb9f9f9479fa@email.android.com>
Message-ID: <CAGHKYHr=62z3YAj-1NNeqhjsXTvydRNM534WRFZtDBUbKHw4pA@mail.gmail.com>

That's okay. I think we can forgive him.

This time.

--
Savyasachee Jha

Sent from my Nexus 5
On Apr 14, 2014 10:20 PM, "Sean Greenslade" <sean at seangreenslade.com> wrote:

> On April 14, 2014 2:28:05 AM EDT, Dany De Bontridder <dany118 at gmail.com>
> wrote:
> >Hi,
> >
> >You want to connect linkedin with  a mailing list ?
> >
> >D
>
> I suspect he made the rookie mistake of giving LinkedIn his gmail
> credentials.
>
> --
> --Sean
>

From contact at pavanky.com  Mon Apr 14 09:46:10 2014
From: contact at pavanky.com (Pavan Yalamanchili)
Date: Mon, 14 Apr 2014 09:46:10 -0400
Subject: [arch-general] Bumblebee + NVIDIA Binary driver broken after Linux
	3.14
Message-ID: <CA+AmGP0W8_s7kGd47gso9SYvkwGBMHZT_5gDDODt0=SanB7-gg@mail.gmail.com>

Hi Everyone,

I am not sure which part of this particular combination is broken, but
after an update today I was unable to use my NVIDIA GPU. Reverting back to
an older version of the kernel and the relevant driver packages fixed the
issue.

I have created the following bug report.
https://bugs.archlinux.org/task/39848

Has anyone seen a similar problem ?

--
Pavan

From adys.wh at gmail.com  Mon Apr 14 10:59:27 2014
From: adys.wh at gmail.com (Jerome Leclanche)
Date: Mon, 14 Apr 2014 15:59:27 +0100
Subject: [arch-general] Bumblebee + NVIDIA Binary driver broken after
 Linux 3.14
In-Reply-To: <CA+AmGP0W8_s7kGd47gso9SYvkwGBMHZT_5gDDODt0=SanB7-gg@mail.gmail.com>
References: <CA+AmGP0W8_s7kGd47gso9SYvkwGBMHZT_5gDDODt0=SanB7-gg@mail.gmail.com>
Message-ID: <CAFd36BiBoq0Z_RG3UYZHKYjBCOS4B6JgifN5pmKQoj9cYD60cQ@mail.gmail.com>

Hi
I've been holding the following upgrades because they break 3d support
in Wine. Might be multilib issues.

testing/nvidia-utils     334.21-6       -> 337.12-1
testing/nvidia-libgl     334.21-7       -> 337.12-1
testing/nvidia           334.21-4       -> 337.12-1

I'm not sure if it's the same issue but seemed relevant.

J. Leclanche


On Mon, Apr 14, 2014 at 2:46 PM, Pavan Yalamanchili <contact at pavanky.com> wrote:
> Hi Everyone,
>
> I am not sure which part of this particular combination is broken, but
> after an update today I was unable to use my NVIDIA GPU. Reverting back to
> an older version of the kernel and the relevant driver packages fixed the
> issue.
>
> I have created the following bug report.
> https://bugs.archlinux.org/task/39848
>
> Has anyone seen a similar problem ?
>
> --
> Pavan

From schaefer at trilug.org  Mon Apr 14 23:03:52 2014
From: schaefer at trilug.org (Carl Schaefer)
Date: Mon, 14 Apr 2014 23:03:52 -0400
Subject: [arch-general] /var lost, how "reinstall" Archlinux?
In-Reply-To: <CAFa9FQt98O3fhfh5JJJhKfojeOwOX4M9MWLjFN+6xEkyDnARrw@mail.gmail.com>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <CAFa9FQt98O3fhfh5JJJhKfojeOwOX4M9MWLjFN+6xEkyDnARrw@mail.gmail.com>
Message-ID: <1397531032.14429.47.camel@wot>

> > I've lost content of /var, other partitions are ok, so system somewhat
> > boots up (to recovery mode).
> > What is the less pain method to get it again up and running?
> 
> If you have enough time, I would try using pkgfile to recover the
> installed packages. I thing something like this should suffice:
> # update the pkgfile database
> pkgfile -u
> # find the package names for all binaries
> find /usr/bin -type f -exec pkgfile '{}' ';' | uniq
> 
> I assume that the libs would be installed as depends for the programs
> that has a binary in /usr/bin

this seemed like a clever idea, so I gave it a try:

0. Adding -L to the 'find' helped slightly

1. For some binaries pkgfile returns a list, e.g.

$ pkgfile /usr/bin/emacs
extra/emacs
community/emacs-nox

on my system this is the case for 69 out of 2891 files under /usr/bin,
with jack/jack2 and gcc/gcc-multilib responsible for 47 of that 69.  So,
just a bit of manual intervention is needed to select the appropriate
package in these cases.

2. Some files in /usr/bin had no package that pkgfile could find.  Most
were from AUR, but there was also this:

$ pkgfile /usr/bin/init.lxc 
$ pacman -Qo /usr/bin/init.lxc
/usr/bin/init.lxc is owned by lxc 1:1.0.3-1

It seems the 'lxc' package installs 'init.lxc' into /usr/sbin, which
symlinks to /usr/bin.  Not knowing anything about how these tools work,
I'm more surprised that 'pacman -Qo' figured this out, than I am that
'pkgfile' didn't.

3. Ultimately the packages that pkgfile computed from /usr/bin, along
with their dependencies, represented about 94% of the packages on my
system.  The missing packages (listed below) were mostly:

dependencies for things I've installed outside of pacman (e.g. AUR)
gstreamer bits
desktop/X-related (e.g. some fonts, themes)
misc. perl modules

Overall conclusion - potentially useful, and I hope I never have to
deploy it in real life...
Carl

aspell-en
docbook-xml
docbook-xsl
gstreamer0.10-base-plugins
gstreamer0.10-ffmpeg
gstreamer0.10-good
gtk-engine-murrine
gtk-engines
gvfs-smb
hunspell-en
lib32-gcc-libs
lib32-glib
lib32-glibc
lib32-libstdc++5
lib32-zlib
libmspack
libreoffice-extension-nlpsolver
libreoffice-gnome
libtracker-sparql
libva-intel-driver
libvisual
licenses
linux
linux-firmware
linux-headers
man-pages
mate-icon-theme
mate-themes
perl-io-socket-ssl
perl-lwp-protocol-https
perl-mozilla-ca
perl-net-ssleay
perl-text-csv
perl-timedate
ttf-arphic-uming
ttf-baekmuk
ttf-hannom
ttf-sazanami
ttf-tibetan-machine
ttf-tlwg
x11-ssh-askpass
xaw3d
xorg-fonts-type1


From ordo.ad at gmail.com  Tue Apr 15 05:09:08 2014
From: ordo.ad at gmail.com (Alessandro Doro)
Date: Tue, 15 Apr 2014 11:09:08 +0200
Subject: [arch-general] /var lost, how "reinstall" Archlinux?
In-Reply-To: <1397531032.14429.47.camel@wot>
References: <CACh1_Rr1HJxuousFGgZTAWbzF=TGRLpdtJtbH2m60xUDiHdq1w@mail.gmail.com>
 <CAFa9FQt98O3fhfh5JJJhKfojeOwOX4M9MWLjFN+6xEkyDnARrw@mail.gmail.com>
 <1397531032.14429.47.camel@wot>
Message-ID: <20140415090908.GA2397@M50>

On Mon, Apr 14, 2014 at 11:03:52PM -0400, Carl Schaefer wrote:
> 2. Some files in /usr/bin had no package that pkgfile could find.  Most
> were from AUR, but there was also this:
> 
> $ pkgfile /usr/bin/init.lxc 
> $ pacman -Qo /usr/bin/init.lxc
> /usr/bin/init.lxc is owned by lxc 1:1.0.3-1
> 
> It seems the 'lxc' package installs 'init.lxc' into /usr/sbin, which
> symlinks to /usr/bin.  Not knowing anything about how these tools work,
> I'm more surprised that 'pacman -Qo' figured this out, than I am that
> 'pkgfile' didn't.
> 

It seems a packaging bug; I think that `configure' needs:
--sbindir=/use/bin
You should open a bug report.


pkgfile reads the repo database so it cannot find /usr/bin/init.lxc;
it's installed as /usr/sbin/init.lxc

pacman (see pacman(8)):
QUERY OPTIONS
 -o, --owns <file>
 Search for packages that own the specified file(s). The path can be
 relative or absolute and one or more files can be specified.

So it it looks like every path/link is resolved before the search.

From mikhailstrizhov at gmail.com  Tue Apr 15 12:19:59 2014
From: mikhailstrizhov at gmail.com (Mikhail Strizhov)
Date: Tue, 15 Apr 2014 10:19:59 -0600
Subject: [arch-general] Bluetooth keyword layout in Gnome 3.12
Message-ID: <534D5C2F.4050009@gmail.com>


After Gnome 3.10 -> 3.12 upgrade my Bluetooth keyboard layout became 
crazy. There are no English letters, instead it types some numbers.
Sounds silly, but if I press in gedit letter "p" is prints "*", "o" is 
"6", "l" is "3", "q", "w" and others do out output anything.

The keyboard is visible in Bluetooth settings. I also tried to delete 
the keyword settings and reconnect it and it was successful, layout is 
still incorrect.

Any ideas?


Output of dmesg:

[   64.054951] apple 0005:05AC:0239.0002: unknown main item tag 0x0
[   64.055249] input: KC1280 BT Keyboard as 
/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0002/input/input20
[   64.055563] apple 0005:05AC:0239.0002: input,hidraw1: BLUETOOTH HID 
v1.1b Keyboard [KC1280 BT Keyboard] on 7c:e9:d3:b7:d5:77
[  127.771869] usb 1-1.4: USB disconnect, device number 4
[  133.078432] usb 1-1.4: new full-speed USB device number 7 using ehci-pci


Howerver, there are weird warning messages in /var/log/messages:

Apr 15 10:08:28 localhost kernel: input: KC1280 BT Keyboard as 
/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0008/input/input26
Apr 15 10:08:28 localhost kernel: apple 0005:05AC:0239.0008: 
input,hidraw3: BLUETOOTH HID v1.1b Keyboard [KC1280 BT Keyboard] on 
7c:e9:d3:b7:d5:77
Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (II) config/udev: Adding 
input device KC1280 BT Keyboard (/dev/input/event21)
Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard: 
Applying InputClass "system-keyboard"
Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard: 
Applying InputClass "evdev keyboard catchall"
Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (II) Using input driver 
'evdev' for 'KC1280 BT Keyboard'
Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard: 
always reports core events
Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) evdev: KC1280 BT 
Keyboard: Device: "/dev/input/event21"
Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (--) evdev: KC1280 BT 
Keyboard: Vendor 0x5ac Product 0x239
Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (--) evdev: KC1280 BT 
Keyboard: Found keys
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (II) evdev: KC1280 BT 
Keyboard: Configuring as keyboard
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "config_info" 
"udev:/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0008/input/input26/event21"
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (II) XINPUT: Adding extended 
input device "KC1280 BT Keyboard" (type: KEYBOARD, id 17)
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_rules" "evdev"
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_model" "pc104"
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_layout" "us,ru"
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_variant" ","
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: The XKEYBOARD keymap 
compiler (xkbcomp) reports:
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning:          Compat 
map for group 2 redefined
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: >                   Using 
new definition
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning:          Compat 
map for group 3 redefined
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: >                   Using 
new definition
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning:          Compat 
map for group 4 redefined
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: >                   Using 
new definition
Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: Errors from xkbcomp are not 
fatal to the X server

My keyboard on amazon - 
http://www.amazon.com/gp/product/B0096M8VR2/ref=oh_details_o06_s00_i00?ie=UTF8&psc=1


From rfredette27 at gmail.com  Tue Apr 15 13:14:09 2014
From: rfredette27 at gmail.com (Ryan Fredette)
Date: Tue, 15 Apr 2014 13:14:09 -0400
Subject: [arch-general] Bluetooth keyword layout in Gnome 3.12
In-Reply-To: <534D5C2F.4050009@gmail.com>
References: <534D5C2F.4050009@gmail.com>
Message-ID: <534D68E1.5050707@gmail.com>

It may seem silly, but is numlock on?  It could be that because the 
keyboard doesn't have a numberpad, it's emulating one like many laptop 
keyboards: having it take over the right half of the board when numlock 
is enabled.  I don't know why upgrading Gnome would make numlock on by 
default, but it's worth a look, I think.

Ryan
On 04/15/2014 12:19 PM, Mikhail Strizhov wrote:
>
> After Gnome 3.10 -> 3.12 upgrade my Bluetooth keyboard layout became 
> crazy. There are no English letters, instead it types some numbers.
> Sounds silly, but if I press in gedit letter "p" is prints "*", "o" is 
> "6", "l" is "3", "q", "w" and others do out output anything.
>
> The keyboard is visible in Bluetooth settings. I also tried to delete 
> the keyword settings and reconnect it and it was successful, layout is 
> still incorrect.
>
> Any ideas?
>
>
> Output of dmesg:
>
> [   64.054951] apple 0005:05AC:0239.0002: unknown main item tag 0x0
> [   64.055249] input: KC1280 BT Keyboard as 
> /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0002/input/input20
> [   64.055563] apple 0005:05AC:0239.0002: input,hidraw1: BLUETOOTH HID 
> v1.1b Keyboard [KC1280 BT Keyboard] on 7c:e9:d3:b7:d5:77
> [  127.771869] usb 1-1.4: USB disconnect, device number 4
> [  133.078432] usb 1-1.4: new full-speed USB device number 7 using 
> ehci-pci
>
>
> Howerver, there are weird warning messages in /var/log/messages:
>
> Apr 15 10:08:28 localhost kernel: input: KC1280 BT Keyboard as 
> /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0008/input/input26
> Apr 15 10:08:28 localhost kernel: apple 0005:05AC:0239.0008: 
> input,hidraw3: BLUETOOTH HID v1.1b Keyboard [KC1280 BT Keyboard] on 
> 7c:e9:d3:b7:d5:77
> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (II) config/udev: Adding 
> input device KC1280 BT Keyboard (/dev/input/event21)
> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard: 
> Applying InputClass "system-keyboard"
> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard: 
> Applying InputClass "evdev keyboard catchall"
> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (II) Using input driver 
> 'evdev' for 'KC1280 BT Keyboard'
> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard: 
> always reports core events
> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) evdev: KC1280 BT 
> Keyboard: Device: "/dev/input/event21"
> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (--) evdev: KC1280 BT 
> Keyboard: Vendor 0x5ac Product 0x239
> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (--) evdev: KC1280 BT 
> Keyboard: Found keys
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (II) evdev: KC1280 BT 
> Keyboard: Configuring as keyboard
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "config_info" 
> "udev:/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0008/input/input26/event21"
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (II) XINPUT: Adding 
> extended input device "KC1280 BT Keyboard" (type: KEYBOARD, id 17)
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_rules" 
> "evdev"
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_model" 
> "pc104"
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_layout" 
> "us,ru"
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_variant" ","
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: The XKEYBOARD keymap 
> compiler (xkbcomp) reports:
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning: Compat map for 
> group 2 redefined
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Using new definition
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning: Compat map for 
> group 3 redefined
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Using new definition
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning: Compat map for 
> group 4 redefined
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Using new definition
> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: Errors from xkbcomp are 
> not fatal to the X server
>
> My keyboard on amazon - 
> http://www.amazon.com/gp/product/B0096M8VR2/ref=oh_details_o06_s00_i00?ie=UTF8&psc=1
>


From mikhailstrizhov at gmail.com  Tue Apr 15 13:40:51 2014
From: mikhailstrizhov at gmail.com (Mikhail Strizhov)
Date: Tue, 15 Apr 2014 11:40:51 -0600
Subject: [arch-general] Bluetooth keyword layout in Gnome 3.12
In-Reply-To: <534D68E1.5050707@gmail.com>
References: <534D5C2F.4050009@gmail.com> <534D68E1.5050707@gmail.com>
Message-ID: <534D6F23.90103@gmail.com>



Thanks for reply.  My bluetooth keyboard itself does not have numlock.

On my laptop, I tried to switch numlock on/off, but this did not work 
either.

I am running 3.14.1-1-ARCH that came with gnome 3.12 last night.


On 04/15/2014 11:14 AM, Ryan Fredette wrote:
> It may seem silly, but is numlock on?  It could be that because the
> keyboard doesn't have a numberpad, it's emulating one like many laptop
> keyboards: having it take over the right half of the board when numlock
> is enabled.  I don't know why upgrading Gnome would make numlock on by
> default, but it's worth a look, I think.
>
> Ryan
> On 04/15/2014 12:19 PM, Mikhail Strizhov wrote:
>>
>> After Gnome 3.10 -> 3.12 upgrade my Bluetooth keyboard layout became
>> crazy. There are no English letters, instead it types some numbers.
>> Sounds silly, but if I press in gedit letter "p" is prints "*", "o" is
>> "6", "l" is "3", "q", "w" and others do out output anything.
>>
>> The keyboard is visible in Bluetooth settings. I also tried to delete
>> the keyword settings and reconnect it and it was successful, layout is
>> still incorrect.
>>
>> Any ideas?
>>
>>
>> Output of dmesg:
>>
>> [   64.054951] apple 0005:05AC:0239.0002: unknown main item tag 0x0
>> [   64.055249] input: KC1280 BT Keyboard as
>> /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0002/input/input20
>>
>> [   64.055563] apple 0005:05AC:0239.0002: input,hidraw1: BLUETOOTH HID
>> v1.1b Keyboard [KC1280 BT Keyboard] on 7c:e9:d3:b7:d5:77
>> [  127.771869] usb 1-1.4: USB disconnect, device number 4
>> [  133.078432] usb 1-1.4: new full-speed USB device number 7 using
>> ehci-pci
>>
>>
>> Howerver, there are weird warning messages in /var/log/messages:
>>
>> Apr 15 10:08:28 localhost kernel: input: KC1280 BT Keyboard as
>> /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0008/input/input26
>>
>> Apr 15 10:08:28 localhost kernel: apple 0005:05AC:0239.0008:
>> input,hidraw3: BLUETOOTH HID v1.1b Keyboard [KC1280 BT Keyboard] on
>> 7c:e9:d3:b7:d5:77
>> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (II) config/udev: Adding
>> input device KC1280 BT Keyboard (/dev/input/event21)
>> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard:
>> Applying InputClass "system-keyboard"
>> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard:
>> Applying InputClass "evdev keyboard catchall"
>> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (II) Using input driver
>> 'evdev' for 'KC1280 BT Keyboard'
>> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) KC1280 BT Keyboard:
>> always reports core events
>> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (**) evdev: KC1280 BT
>> Keyboard: Device: "/dev/input/event21"
>> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (--) evdev: KC1280 BT
>> Keyboard: Vendor 0x5ac Product 0x239
>> Apr 15 10:08:27 localhost gdm-Xorg-:0[426]: (--) evdev: KC1280 BT
>> Keyboard: Found keys
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (II) evdev: KC1280 BT
>> Keyboard: Configuring as keyboard
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "config_info"
>> "udev:/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4/1-1.4:1.0/bluetooth/hci0/hci0:11/0005:05AC:0239.0008/input/input26/event21"
>>
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (II) XINPUT: Adding
>> extended input device "KC1280 BT Keyboard" (type: KEYBOARD, id 17)
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_rules"
>> "evdev"
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_model"
>> "pc104"
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_layout"
>> "us,ru"
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: (**) Option "xkb_variant" ","
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: The XKEYBOARD keymap
>> compiler (xkbcomp) reports:
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning: Compat map for
>> group 2 redefined
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Using new definition
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning: Compat map for
>> group 3 redefined
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Using new definition
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Warning: Compat map for
>> group 4 redefined
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: > Using new definition
>> Apr 15 10:08:28 localhost gdm-Xorg-:0[426]: Errors from xkbcomp are
>> not fatal to the X server
>>
>> My keyboard on amazon -
>> http://www.amazon.com/gp/product/B0096M8VR2/ref=oh_details_o06_s00_i00?ie=UTF8&psc=1
>>
>>
>


From ralf.mardorf at alice-dsl.net  Tue Apr 15 15:51:42 2014
From: ralf.mardorf at alice-dsl.net (Ralf Mardorf)
Date: Tue, 15 Apr 2014 21:51:42 +0200
Subject: [arch-general] Gedit
Message-ID: <1397591502.3990.7.camel@archlinux>

Hi,

do I miss options for the preferences or doesn't gedit provide a menu
bar and window buttons anymore? A menu bar might be something to argue,
since it's part of the app, but the window buttons are provided by the
window manager I decided to use. Will this happen to other editors, such
as pluma and other apps too? Disgusting!

Doers it make sense to send a veto to upstream or is it wanted by most
users?

Regards,
Ralf


From danielmicay at gmail.com  Tue Apr 15 15:57:59 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Tue, 15 Apr 2014 15:57:59 -0400
Subject: [arch-general] Gedit
In-Reply-To: <1397591502.3990.7.camel@archlinux>
References: <1397591502.3990.7.camel@archlinux>
Message-ID: <534D8F47.2040706@gmail.com>

On 15/04/14 03:51 PM, Ralf Mardorf wrote:
> Hi,
> 
> do I miss options for the preferences or doesn't gedit provide a menu
> bar and window buttons anymore? A menu bar might be something to argue,
> since it's part of the app, but the window buttons are provided by the
> window manager I decided to use. Will this happen to other editors, such
> as pluma and other apps too? Disgusting!
> 
> Doers it make sense to send a veto to upstream or is it wanted by most
> users?
> 
> Regards,
> Ralf

The GTK header bar widget replaces the title bar. It's possible to
enable the minimize/maximize buttons for it, and it does respect
whatever theme you're using. It's intended to save vertical space by
making a separate menu/toolbar unnecessary. There are some window
managers not implementing EWMH properly (Xfce's window manager) and you
will get a redundant title bar on top of the header bar.

You can blame Chromium/Chrome and Firefox for making this popular. I
happen to think it's a good idea, although as a user of i3 it has little
to no impact on me.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140415/a75d6540/attachment-0001.asc>

From andres at softwareperonista.com.ar  Tue Apr 15 15:59:36 2014
From: andres at softwareperonista.com.ar (Andres Fernandez)
Date: Tue, 15 Apr 2014 16:59:36 -0300
Subject: [arch-general] Gedit
In-Reply-To: <1397591502.3990.7.camel@archlinux>
References: <1397591502.3990.7.camel@archlinux>
Message-ID: <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>

El 15/04/2014 16:52, "Ralf Mardorf" <ralf.mardorf at alice-dsl.net> escribi?:
>
> Hi,
>
> do I miss options for the preferences or doesn't gedit provide a menu
> bar and window buttons anymore? A menu bar might be something to argue,
> since it's part of the app, but the window buttons are provided by the
> window manager I decided to use. Will this happen to other editors, such
> as pluma and other apps too? Disgusting!

It is the new design guidelines of Gnome 3. I don't think Pluma follow that
design.

> Doers it make sense to send a veto to upstream or is it wanted by most
> users?

It's wanted by most of Gnome user. Anyway, complaining won't change the new
design guidelines, wich are large accepted.

Andr?s Fernandez
Software Peronista

From ralf.mardorf at alice-dsl.net  Tue Apr 15 16:02:14 2014
From: ralf.mardorf at alice-dsl.net (Ralf Mardorf)
Date: Tue, 15 Apr 2014 22:02:14 +0200
Subject: [arch-general] Evolution
Message-ID: <1397592134.4272.6.camel@archlinux>

Hi,

here Evolution 3.12.1 has so many bugs, that I won't write tons of bug
reports, but ask you to provide Evolution 3.10.4 by the Arch repository
again.

I Cc to upstream, since it's not the first time that upstream released a
version that is completely unusable for _serious_ work.

Regards,
Ralf


From ralf.mardorf at alice-dsl.net  Tue Apr 15 16:06:02 2014
From: ralf.mardorf at alice-dsl.net (Ralf Mardorf)
Date: Tue, 15 Apr 2014 22:06:02 +0200
Subject: [arch-general] Gedit
In-Reply-To: <534D8F47.2040706@gmail.com>
References: <1397591502.3990.7.camel@archlinux> <534D8F47.2040706@gmail.com>
Message-ID: <1397592362.4464.1.camel@archlinux>

On Tue, 2014-04-15 at 15:57 -0400, Daniel Micay wrote:
> There are some window managers not implementing EWMH properly (Xfce's window manager) and you
> will get a redundant title bar on top of the header bar.

I'm using JWM.


From chris at masterbran.ch  Tue Apr 15 16:12:04 2014
From: chris at masterbran.ch (Chris Tonkinson)
Date: Tue, 15 Apr 2014 16:12:04 -0400
Subject: [arch-general] Evolution
In-Reply-To: <1397592134.4272.6.camel@archlinux>
References: <1397592134.4272.6.camel@archlinux>
Message-ID: <534D9294.1000709@masterbran.ch>


> provide Evolution 3.10.4 by the Arch repository

You can use pbrisbin's downgrade script if it's such a problem. It is
available in the AUR (https://aur.archlinux.org/packages/downgrade/).

Cheers!

Chris Tonkinson
610.425.7807

  "Work as if you were to live a hundred years. Pray as if you were to
die tomorrow."
  -Benjamin Franklin


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140415/2d56e67d/attachment.asc>

From ralf.mardorf at alice-dsl.net  Tue Apr 15 16:18:00 2014
From: ralf.mardorf at alice-dsl.net (Ralf Mardorf)
Date: Tue, 15 Apr 2014 22:18:00 +0200
Subject: [arch-general] Gedit
In-Reply-To: <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>
References: <1397591502.3990.7.camel@archlinux>
 <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>
Message-ID: <1397593080.4464.7.camel@archlinux>

On Tue, 2014-04-15 at 15:57 -0400, Daniel Micay wrote:
> You can blame Chromium/Chrome

They still have a title bar with window buttons, Chromium even takes
care about the JWM theme I'm using.

> and Firefox for making this popular.
Firefox provides a menu bar and a title bar with window buttons using
the JWM theme.

[rocketmouse at archlinux ~]$ pacman -Q chromium google-chrome firefox
chromium 34.0.1847.116-1
google-chrome 34.0.1847.116-1
firefox 28.0-1

On Tue, 2014-04-15 at 16:59 -0300, Andres Fernandez wrote:
> Anyway, complaining won't change the new design guidelines, wich are
> large accepted.

:(


From bjo at nord-west.org  Tue Apr 15 16:22:38 2014
From: bjo at nord-west.org (Bjoern Franke)
Date: Tue, 15 Apr 2014 22:22:38 +0200
Subject: [arch-general] Gedit
In-Reply-To: <1397593080.4464.7.camel@archlinux>
References: <1397591502.3990.7.camel@archlinux>
 <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>
 <1397593080.4464.7.camel@archlinux>
Message-ID: <534D950E.8090106@nord-west.org>

Am 15.04.2014 22:18, schrieb Ralf Mardorf:

> 
> On Tue, 2014-04-15 at 16:59 -0300, Andres Fernandez wrote:
>> Anyway, complaining won't change the new design guidelines, wich are
>> large accepted.
> 
> :(

Well, it's a feature that gedit also lost its menubar. Mousepad, you
have a new friend.



-- 
xmpp bjo at schafweide.org
bjo.nord-west.org | nord-west.org

From danielmicay at gmail.com  Tue Apr 15 16:33:52 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Tue, 15 Apr 2014 16:33:52 -0400
Subject: [arch-general] Gedit
In-Reply-To: <1397593080.4464.7.camel@archlinux>
References: <1397591502.3990.7.camel@archlinux>
 <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>
 <1397593080.4464.7.camel@archlinux>
Message-ID: <534D97B0.8060301@gmail.com>

On 15/04/14 04:18 PM, Ralf Mardorf wrote:
> On Tue, 2014-04-15 at 15:57 -0400, Daniel Micay wrote:
>> You can blame Chromium/Chrome
> 
> They still have a title bar with window buttons, Chromium even takes
> care about the JWM theme I'm using.

Chromium defaults to drawing the title bar itself as part of the window,
for the same space-saving reasons. GTK+ applications using the header
bar still have window buttons too - by default a close button, but
optionally minimize/maximize.

Anyway, I'm pointing them out as the applications that popularized this
feature, not as applications *only* providing this choice.

> Firefox provides a menu bar and a title bar with window buttons using
> the JWM theme.

Firefox lacks support for this on Linux because it's not viewed as a
first tier platform. The menu bar will go away on Linux by default when
the new interface is released quite soon. It might not stay around as a
supported feature for much longer.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140415/834ec85e/attachment.asc>

From enwukaer at gmail.com  Tue Apr 15 16:38:47 2014
From: enwukaer at gmail.com (Nowaker)
Date: Tue, 15 Apr 2014 22:38:47 +0200
Subject: [arch-general] Gedit
In-Reply-To: <1397591502.3990.7.camel@archlinux>
References: <1397591502.3990.7.camel@archlinux>
Message-ID: <534D98D7.9060601@gmail.com>

Well, you may give up gedit for Sublime Text. You will never go back. ;)

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From ralf.mardorf at alice-dsl.net  Tue Apr 15 16:47:21 2014
From: ralf.mardorf at alice-dsl.net (Ralf Mardorf)
Date: Tue, 15 Apr 2014 22:47:21 +0200
Subject: [arch-general] Evolution
In-Reply-To: <534D9294.1000709@masterbran.ch>
References: <1397592134.4272.6.camel@archlinux>
 <534D9294.1000709@masterbran.ch>
Message-ID: <1397594841.6511.1.camel@archlinux>

On Tue, 2014-04-15 at 16:12 -0400, Chris Tonkinson wrote:
> https://aur.archlinux.org/packages/downgrade/

Thank you Chris :)

I used it to downgrade to

$ pacman -Q evolution evolution-data-server gnome-desktop
evolution 3.10.4-1
evolution-data-server 3.10.4-1
gnome-desktop 1:3.10.2-1

Hopefully it will solve the issues.

Regards,
Ralf


From ralf.mardorf at alice-dsl.net  Tue Apr 15 16:52:43 2014
From: ralf.mardorf at alice-dsl.net (Ralf Mardorf)
Date: Tue, 15 Apr 2014 22:52:43 +0200
Subject: [arch-general] Gedit
In-Reply-To: <534D97B0.8060301@gmail.com>
References: <1397591502.3990.7.camel@archlinux>
 <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>
 <1397593080.4464.7.camel@archlinux> <534D97B0.8060301@gmail.com>
Message-ID: <1397595163.6511.4.camel@archlinux>

On Tue, 2014-04-15 at 16:33 -0400, Daniel Micay wrote:
> > Firefox provides a menu bar and a title bar with window buttons using
> > the JWM theme.
> 
> Firefox lacks support for this on Linux because it's not viewed as a
> first tier platform. The menu bar will go away on Linux by default when
> the new interface is released quite soon. It might not stay around as a
> supported feature for much longer.

I anyway dislike Firefox, regarding to it's history search options, that
don't fit to my needs, so I prefer QupZilla, hopefully QupZilla doesn't
follow this new design.



From andres at softwareperonista.com.ar  Tue Apr 15 16:56:03 2014
From: andres at softwareperonista.com.ar (Andres Fernandez)
Date: Tue, 15 Apr 2014 17:56:03 -0300
Subject: [arch-general] Gedit
In-Reply-To: <534D97B0.8060301@gmail.com>
References: <1397591502.3990.7.camel@archlinux>
 <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>
 <1397593080.4464.7.camel@archlinux> <534D97B0.8060301@gmail.com>
Message-ID: <CADH9eCorTKYpRAoJAcnmjStnHa3VO8mJtg-eQ+RyRZ7AeF9Zqg@mail.gmail.com>

> Chromium defaults to drawing the title bar itself as part of the window,
> for the same space-saving reasons. GTK+ applications using the header
> bar still have window buttons too - by default a close button, but
> optionally minimize/maximize.
>
> Anyway, I'm pointing them out as the applications that popularized this
> feature, not as applications *only* providing this choice.

The main reason for HeaderBar widget on core apps of Gnome is Wayland. This
is a protocol to develop compositors in replacement of the old and beloved
Xorg. In Wayland world there is no Windows Manager, so windows decoration
are in apps. That's the main reason.

From danielmicay at gmail.com  Tue Apr 15 16:59:50 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Tue, 15 Apr 2014 16:59:50 -0400
Subject: [arch-general] Gedit
In-Reply-To: <CADH9eCorTKYpRAoJAcnmjStnHa3VO8mJtg-eQ+RyRZ7AeF9Zqg@mail.gmail.com>
References: <1397591502.3990.7.camel@archlinux>
 <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>
 <1397593080.4464.7.camel@archlinux> <534D97B0.8060301@gmail.com>
 <CADH9eCorTKYpRAoJAcnmjStnHa3VO8mJtg-eQ+RyRZ7AeF9Zqg@mail.gmail.com>
Message-ID: <534D9DC6.7070405@gmail.com>

On 15/04/14 04:56 PM, Andres Fernandez wrote:
>> Chromium defaults to drawing the title bar itself as part of the window,
>> for the same space-saving reasons. GTK+ applications using the header
>> bar still have window buttons too - by default a close button, but
>> optionally minimize/maximize.
>>
>> Anyway, I'm pointing them out as the applications that popularized this
>> feature, not as applications *only* providing this choice.
> 
> The main reason for HeaderBar widget on core apps of Gnome is Wayland. This
> is a protocol to develop compositors in replacement of the old and beloved
> Xorg. In Wayland world there is no Windows Manager, so windows decoration
> are in apps. That's the main reason.

That's not at all true. KDE is going to be using server-side window
decorations with their Wayland compositor. The GTK+ header bar is based
on UX design, not anything to do with Wayland. An GTK+ application can
draw client-side decorations with or without a header bar.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140415/9c34f360/attachment.asc>

From andres at softwareperonista.com.ar  Tue Apr 15 17:11:57 2014
From: andres at softwareperonista.com.ar (Andres Fernandez)
Date: Tue, 15 Apr 2014 18:11:57 -0300
Subject: [arch-general] Gedit
In-Reply-To: <534D9DC6.7070405@gmail.com>
References: <1397591502.3990.7.camel@archlinux>
 <CADH9eCqwd9tzN3kSRwR8xwUz-pQzULWwgkAOhsNCdHwqA_OOkA@mail.gmail.com>
 <1397593080.4464.7.camel@archlinux> <534D97B0.8060301@gmail.com>
 <CADH9eCorTKYpRAoJAcnmjStnHa3VO8mJtg-eQ+RyRZ7AeF9Zqg@mail.gmail.com>
 <534D9DC6.7070405@gmail.com>
Message-ID: <CADH9eCo_8R9_WQ8WFanzPRmB9tR0CssO3ho9mET+eV=JMfnOuA@mail.gmail.com>

El 15/04/2014 18:00, "Daniel Micay" <danielmicay at gmail.com> escribi?:

> That's not at all true. KDE is going to be using server-side window
> decorations with their Wayland compositor.

That's true. I didn't know that. Anyway it is a KDE implementation, it's
not part of Wayland Protocol.

> The GTK+ header bar is based
> on UX design, not anything to do with Wayland. An GTK+ application can
> draw client-side decorations with or without a header bar.

That's true too, but client side decoration on Wayland was the main reason
to change the design guidelines.

Andr?s Fernandez
Software Peronista

From olivier at olivierlanglois.net  Tue Apr 15 21:43:56 2014
From: olivier at olivierlanglois.net (Olivier Langlois)
Date: Tue, 15 Apr 2014 21:43:56 -0400
Subject: [arch-general] Evolution
In-Reply-To: <1397592134.4272.6.camel@archlinux>
References: <1397592134.4272.6.camel@archlinux>
Message-ID: <534DE05C.8030505@olivierlanglois.net>

On 04/15/2014 04:02 PM, Ralf Mardorf wrote:
> Hi,
>
> here Evolution 3.12.1 has so many bugs, that I won't write tons of bug
> reports, but ask you to provide Evolution 3.10.4 by the Arch repository
> again.
>
> I Cc to upstream, since it's not the first time that upstream released a
> version that is completely unusable for _serious_ work.
>
>

I am an Evolution user myself. Would care to share some of the problems
that you have encountered with the new version so I can take a decision
to upgrade or not or simply change email client?

What you say is pretty scary to me as similar experience has made me change from kmail to evolution some time ago as if I wanted to contribute by testing bleeding edge new features, I would fetch the git master version of the software. I'm expecting official releases to work reasonably well.


thank you,


From ralf.mardorf at alice-dsl.net  Wed Apr 16 04:26:34 2014
From: ralf.mardorf at alice-dsl.net (Ralf Mardorf)
Date: Wed, 16 Apr 2014 10:26:34 +0200
Subject: [arch-general] Evolution
In-Reply-To: <534DE05C.8030505@olivierlanglois.net>
References: <1397592134.4272.6.camel@archlinux>
 <534DE05C.8030505@olivierlanglois.net>
Message-ID: <1397636794.13149.12.camel@archlinux>


On Tue, 2014-04-15 at 21:43 -0400, Olivier Langlois wrote:
> Would care to share some of the problems that you have encountered
> with the new version

I needed to run

killall gcr-prompter

and

evolution --force-shutdown

because

Evolution asked again and again for the password of one account, even
when I didn't send or retrieve mails, it wasn't add to the keyring.

Evolution kept the send and receive window after finishing all
processes.

Evolution never finished processes, this btw. happens after downgrading
to the previous version, now for the previous version too, so
downgrading to/keeping just

evolution 3.10.4-1
evolution-data-server 3.10.4-1
gnome-desktop 1:3.10.2-1

doesn't solve all issues.

An up to date Arch Linux [1] usually running Jwm, sometimes still
running Xfce4. Cinnamon and Mate are installed too, but I don't use
them.

[1]
[rocketmouse at archlinux ~]$ grep Igno /etc/pacman.conf 
# Pacman won't upgrade packages listed in IgnorePkg and members of
  IgnoreGroup
IgnorePkg   = ardour virtualbox virtualbox-host-dkms
              virtualbox-host-modules virtualbox-ext-oracle
              midori-gtk3 linux-rt linux-rt-headers linux-rt-docs
              mate-calc evolution evolution-data-server
              gnome-desktop
#IgnoreGroup =
[rocketmouse at archlinux ~]$ pacman -Q midori-gtk3
error: package 'midori-gtk3' was not found

I kept Midori GTK2 for a while, which conflicted with the GTK3 version,
but then removed it.

[rocketmouse at archlinux ~]$ uname -rm
3.14.1-1-ARCH x86_64




From snellsg at neopcs.net  Wed Apr 16 11:27:38 2014
From: snellsg at neopcs.net (Sean Snell)
Date: Wed, 16 Apr 2014 11:27:38 -0400
Subject: [arch-general] Problem with Wifi Connections (Intel Corporation
	PRO/Wireless 4965 AG Connection)
Message-ID: <CADTR4wT42Z3okH5bSi2QYAX00a0ydj9x0SKP5r18x=nei+H1Fg@mail.gmail.com>

Hi everybody,
First, this is on a Lenovo X61 laptop. This is a fresh installation on a
new SSD hard drive I recently purchased. I already have a 500GB hard drive
with Arch and Windows dual booting on it, and the Wifi still works just
fine from the old installation when I reinstalled the old hard drive for
testing, but for the life of me I cannot get wifi-menu to connect to any
wifi connections on this new installation.

The card is a Intel Corporation PRO/Wireless 4965 AG. Per the wireless
wiki<https://wiki.archlinux.org/index.php/Wireless_network_configuration#iwlegacy>,
I've installed linux-firmware so I can use the iwlegacy (driver?). With the
help of a friend, we feel the modules are loading correctly, but when we
try to actually connect using wifi-menu, journalctl -xn says the following:

\\\\\\\\\\\
- Unit netctl at wls3\x2dNEOPCS\x2dSecured.service has begun starting up.
Starting network profile 'wls3-NEOPCS-Secured'...
The interface of network profile 'wls3-NEOPCS-Secured' is already up
netctl at wls3\x2dNEOPCS\x2dSecured.service: main process exited, code=exited,
status=1/FAILURE
\\\\\\\\\\\\\


What I've installed in relation to the Wifi:
- wpa_supplicant (per the initial insistence of wifi-menu "out of the box"
- linux-firmware (per the
wiki<https://wiki.archlinux.org/index.php/Wireless_network_configuration#iwlegacy>
)

Output of lspci | grep "Intel":
00:00.0 Host bridge: Intel Corporation Mobile PM965/GM965/GL960 Memory
Controller Hub (rev 0c)
00:02.0 VGA compatible controller: Intel Corporation Mobile GM965/GL960
Integrated Graphics Controller (primary) (rev 0c)
00:02.1 Display controller: Intel Corporation Mobile GM965/GL960 Integrated
Graphics Controller (secondary) (rev 0c)
00:19.0 Ethernet controller: Intel Corporation 82566MM Gigabit Network
Connection (rev 03)
00:1a.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
Controller #4 (rev 03)
00:1a.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
Controller #5 (rev 03)
00:1a.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI
Controller #2 (rev 03)
00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio
Controller (rev 03)
00:1c.0 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port
1 (rev 03)
00:1c.1 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port
2 (rev 03)
00:1d.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
Controller #1 (rev 03)
00:1d.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
Controller #2 (rev 03)
00:1d.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI
Controller #1 (rev 03)
00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev f3)
00:1f.0 ISA bridge: Intel Corporation 82801HEM (ICH8M-E) LPC Interface
Controller (rev 03)
00:1f.2 IDE interface: Intel Corporation 82801HM/HEM (ICH8M/ICH8M-E) SATA
Controller [IDE mode] (rev 03)
00:1f.3 SMBus: Intel Corporation 82801H (ICH8 Family) SMBus Controller (rev
03)
03:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or AGN
[Kedron] Network Connection (rev 61)

Output of lsmod | grep -h "iw":
iwl4965 90075 0
iwlegacy 49001 1 iwl4965
mac80211 490609 2 iwl4965,iwlegacy
cfg80211 431038 3 iwl4965,iwlegacy,mac80211
led_class 3547 3 sdhci,iwlegacy,thinkpad_acpi


Can anybody help clue me into what I might be overlooking? I've run out of
ideas of what else to look into, and while I'm still "getting my feet wet"
with Linux, being a Windows admin by profession, I'm not afraid to dig
deeper with a little help! :)

Thanks everybody!
Sean

From magnus at therning.org  Wed Apr 16 12:41:16 2014
From: magnus at therning.org (Magnus Therning)
Date: Wed, 16 Apr 2014 18:41:16 +0200
Subject: [arch-general] bumblebee: only working every other time
Message-ID: <20140416164116.GA1153@tatooine.lan>

I've finally gotten around to installing and configuring bumblebee.
It's working, sort of.  It's rather weird because it only works every
other time:

~~~~
% cat /proc/acpi/bbswitch 
0000:01:00.0 OFF

% primusrun glxspheres64 
primus: fatal: Bumblebee daemon reported: error: [XORG] (EE) NVIDIA(GPU-0): Failed to initialize the NVIDIA GPU at PCI:1:0:0.  Please

% primusrun glxspheres64
Polygons in scene: 62464
Visual ID of window: 0x20
Context is Direct
OpenGL Renderer: GeForce GT 750M/PCIe/SSE2
62.103457 frames/sec - 69.307458 Mpixels/sec
~~~~

And so it goes on.  The next run of `primusrun` fails, usually with
the message

~~~~
% primusrun glxspheres64
primus: fatal: Bumblebee daemon reported: error: [XORG] (EE) Server terminated successfully (0). Closing log file.
~~~~

the next run works.  And so on.  Very strange behaviour I think.  And
the $SEARCH_ENGINE doesn't really offer any help either, most people
seem to have the problem that it never works, not that it works 50% of
the times :(

Any and all help much appreciated.

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4 
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

Most software today is very much like an Egyptian pyramid with
millions of bricks piled on top of each other, with no structural
integrity, but just done by brute force and thousands of slaves.
     -- Alan Kay
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140416/4da08e37/attachment.asc>

From g.schlisio at dukun.de  Wed Apr 16 13:51:37 2014
From: g.schlisio at dukun.de (G. Schlisio)
Date: Wed, 16 Apr 2014 19:51:37 +0200
Subject: [arch-general] bumblebee: only working every other time
In-Reply-To: <20140416164116.GA1153@tatooine.lan>
References: <20140416164116.GA1153@tatooine.lan>
Message-ID: <534EC329.1050300@dukun.de>

> It's rather weird because it only works every other time:

i had those errors as well (i use optirun). adding kernel command line
parameters as mentioned in this [0] thread solved it for me.

[0] https://bbs.archlinux.org/viewtopic.php?id=169742

From magnus at therning.org  Wed Apr 16 17:57:20 2014
From: magnus at therning.org (Magnus Therning)
Date: Wed, 16 Apr 2014 23:57:20 +0200
Subject: [arch-general] bumblebee: only working every other time
In-Reply-To: <534EC329.1050300@dukun.de>
References: <20140416164116.GA1153@tatooine.lan>
 <534EC329.1050300@dukun.de>
Message-ID: <20140416215720.GA1022@tatooine.lan>

On Wed, Apr 16, 2014 at 07:51:37PM +0200, G. Schlisio wrote:
> > It's rather weird because it only works every other time:
> 
> i had those errors as well (i use optirun). adding kernel command line
> parameters as mentioned in this [0] thread solved it for me.
> 
> [0] https://bbs.archlinux.org/viewtopic.php?id=169742

Indeed, adding

  rcutree.rcu_idle_gp_delay=1

to GRUB_CMDLINE_LINUX_DEFAULT in `/etc/default/grub` did the trick.

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4 
email: magnus at therning.org   jabber: magnus at therning.org
twitter: magthe               http://therning.org/magnus

The results point out the fragility of programmer expertise: advanced
programmers have strong expectations about what programs should look like,
and when those expectations are violated--in seemingly innocuous
ways--their performance drops drastically.
     -- Elliot Soloway and Kate Ehrlich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140416/c74be939/attachment.asc>

From anatol.pomozov at gmail.com  Wed Apr 16 18:38:33 2014
From: anatol.pomozov at gmail.com (Anatol Pomozov)
Date: Wed, 16 Apr 2014 15:38:33 -0700
Subject: [arch-general] Android support in Linux Arch
Message-ID: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>

In my TU application I promised to look at situation with Android
support in Arch.

Android is an open-source project that has a number of sub-projects.
The official website offers prebuild binaries for those sub-projects
such as sdk, ndk, build-tools, IDE plugins,... We want to simplify
Android installation and maintenance and looking into turning it into
real packages. Installing tools by downloading and unpacking is sux
and so 90s.

The naive way to add packages is to use these binaries and just repack
them into Arch packages. Or download-at-installation - something like
what we do for proprietary software. AUR has many android packages
that download binary files from Android website. But using prebuilt
binary packages is something atypical for Arch. There are issues with
it:

- android download site provides only 32-bit binaries so multilib
repositories are required
- prebuild packages do not use standard installation paths
- they compile against older version of third-party projects and
bundled it into download files. The packages should depend on existing
system libraries instead.

The plan is to provide proper Arch packages that do not have the
problems listed above.

I initially tried to build a package that follows "build whole Android
source-tree" official instructions [1]. And then pack only parts we
need. Oh boy, this was painful. The source tree is several Gb of code,
it pulls prebuilt versions of gcc, clang, python,.. It requires
specific version of make and java. After a week of trying to build
Android on Arch without using prebuilds I gave up.

Actually those instructions [1] build system images that include
kernel and ARM code for a specific hardware. Arch does not need it.
I've decided to attack this problem from other side: find what exactly
we need to pack as Arch packages and then build it from sources.

I've decided to look to AUR non-binary android packages and see what
people vote for (who said that voting is useless?). There are a number
of packages that seems good for moving to [community]:

- android-tools https://aur.archlinux.org/packages/android-tools/ It
contains adb and fastboot. These the packages that I am interested in.
I am not an Android developer I am just an Android user and adb is the
most useful Android tool for me.

- android completion for adb/fastboot
https://aur.archlinux.org/packages/android-bash-completion/  these
files can be merged into previous package.

- android-udev https://aur.archlinux.org/packages/android-udev/ sounds
useful as well

These 3 packages is easy to move to [community] and my gut feeling
says it should be enough for the most Android users.


These is another category of users: those who *develop* for Android
and need a lot of other tools, such as:

sdk
sdk-build-tools: aapt, aidl, dexdump, dx, llvm-rs-cc
ndk
api docs
IDE plugins?
system images?

I did not find source packages for it at AUR. So if we want to add it
[community] we need to create such packages but it might be quite
hard.

Are there people with Android development background? What exactly do
you miss in Arch? Is it worth building our own SDK/eclipse
plugins/...?


[1] http://source.android.com/source/building-running.html

From karol at babioch.de  Wed Apr 16 18:50:25 2014
From: karol at babioch.de (Karol Babioch)
Date: Thu, 17 Apr 2014 00:50:25 +0200
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
Message-ID: <534F0931.3070704@babioch.de>

Hi,

Am 17.04.2014 00:38, schrieb Anatol Pomozov:
> Are there people with Android development background? What exactly do
> you miss in Arch? 

The problem I face with the Android situation in Arch is that currently
there seems to be no "clean" (TM) way to install the SDK and related
stuff. The android-sdk package from AUR is fine and dandy, but one
usually also needs to install a whole bunch of API specific packages
through the "android" tool from the SDK.

- This doesn't work for normal users, e.g. you can update the packages
using Eclipse, but you need to start "/opt/android-sdk/tools/android" as
root

- Installing any sort of package through the "installer" mentioned above
isn't compatible with the whole idea of package management, because the
package manager isn't aware of these files. I ran into conflicts before,
which I had to resolve by temporarily removing some components.

Maybe I'm doing something wrong here, but at least this is what I've
experienced throughout the last couple of months. Unfortunately I don't
see a good way how this can be improved, as I like the idea of
installing only API components that I really need and get instant (!)
updates for them directly from the upstream project.

Anyone familiar with the situation on other distributions? How do they
handle all of this?

Best regards,
Karol Babioch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/d902a179/attachment.asc>

From xgdgsc at gmail.com  Wed Apr 16 22:22:52 2014
From: xgdgsc at gmail.com (GSC)
Date: Thu, 17 Apr 2014 10:22:52 +0800
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <534F0931.3070704@babioch.de>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de>
Message-ID: <534F3AFC.3070103@gmail.com>

On 04/17/2014 06:50 AM, Karol Babioch wrote:
> Hi,
>
> Am 17.04.2014 00:38, schrieb Anatol Pomozov:
>> Are there people with Android development background? What exactly do
>> you miss in Arch?
> The problem I face with the Android situation in Arch is that currently
> there seems to be no "clean" (TM) way to install the SDK and related
> stuff. The android-sdk package from AUR is fine and dandy, but one
> usually also needs to install a whole bunch of API specific packages
> through the "android" tool from the SDK.
>
> - This doesn't work for normal users, e.g. you can update the packages
> using Eclipse, but you need to start "/opt/android-sdk/tools/android" as
> root
>
> - Installing any sort of package through the "installer" mentioned above
> isn't compatible with the whole idea of package management, because the
> package manager isn't aware of these files. I ran into conflicts before,
> which I had to resolve by temporarily removing some components.
>
> Maybe I'm doing something wrong here, but at least this is what I've
> experienced throughout the last couple of months. Unfortunately I don't
> see a good way how this can be improved, as I like the idea of
> installing only API components that I really need and get instant (!)
> updates for them directly from the upstream project.
>
> Anyone familiar with the situation on other distributions? How do they
> handle all of this?
>
> Best regards,
> Karol Babioch
>
You can just chown /opt/android-sdk and it will be easier to install api.

  Judging by the vote of android packages on AUR, most people seem to 
use the main android-sdk... packages and download apis from it, this 
shouldn' t be causing any conflict, I think. A cleaner way would be you 
just download the android-sdk from google and manage it yourself, 
anyway, itself is a package manager. I' m quite satisfied with the 
current status and don' t find support for android in [community] 
necessary, while if android licence allows this, moving some main 
android development packages to [community] doesn' t hurt, especially 
some huge package like android-ndk.  I don' t know why you only consider 
non-binary packages.


From karol at babioch.de  Thu Apr 17 02:20:00 2014
From: karol at babioch.de (Karol Babioch)
Date: Thu, 17 Apr 2014 08:20:00 +0200
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <534F3AFC.3070103@gmail.com>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de> <534F3AFC.3070103@gmail.com>
Message-ID: <534F7290.1010805@babioch.de>

Hi,

Am 17.04.2014 04:22, schrieb GSC:
> You can just chown /opt/android-sdk and it will be easier to install api.

Yeah, although I don't like the idea to "mess" around in /opt. Maybe it
would be possible to introduce an "android" group, so it would be
sufficient to add my user to this group?

> especially some huge package like android-ndk.  I don' t know why you
> only consider non-binary packages.

+1. android-ndk is a pain in the ass to compile, especially on older
hardware, where it takes not only long but might run into memory
restrictions, because it takes up so much RAM.

Best regards,
Karol Babioch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/e0e7228c/attachment-0001.asc>

From danielmicay at gmail.com  Thu Apr 17 02:53:38 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Thu, 17 Apr 2014 02:53:38 -0400
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <534F7290.1010805@babioch.de>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de> <534F3AFC.3070103@gmail.com>
 <534F7290.1010805@babioch.de>
Message-ID: <534F7A72.2050405@gmail.com>

On 17/04/14 02:20 AM, Karol Babioch wrote:
> Hi,
> 
> Am 17.04.2014 04:22, schrieb GSC:
>> You can just chown /opt/android-sdk and it will be easier to install api.
> 
> Yeah, although I don't like the idea to "mess" around in /opt. Maybe it
> would be possible to introduce an "android" group, so it would be
> sufficient to add my user to this group?

I think it's best to just install it to your home directory without
involving the system package manager if you want to use the android
package manager for anything.

It's not sane to be giving users access to a directory in the PATH of
other users, especially root. Many people have a single user system
without a true non-administrator account, but packages need to be secure
in cases where this isn't true.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/278d66b8/attachment.asc>

From m at xbra.de  Thu Apr 17 03:57:33 2014
From: m at xbra.de (=?ISO-8859-1?Q?Maximilian_Br=E4utigam?=)
Date: Thu, 17 Apr 2014 09:57:33 +0200
Subject: [arch-general] Problem with Wifi Connections (Intel Corporation
 PRO/Wireless 4965 AG Connection)
In-Reply-To: <CADTR4wT42Z3okH5bSi2QYAX00a0ydj9x0SKP5r18x=nei+H1Fg@mail.gmail.com>
References: <CADTR4wT42Z3okH5bSi2QYAX00a0ydj9x0SKP5r18x=nei+H1Fg@mail.gmail.com>
Message-ID: <534F896D.5080303@xbra.de>

Am 16.04.2014 17:27, schrieb Sean Snell:
> Hi everybody,
> First, this is on a Lenovo X61 laptop. This is a fresh installation on a
> new SSD hard drive I recently purchased. I already have a 500GB hard drive
> with Arch and Windows dual booting on it, and the Wifi still works just
> fine from the old installation when I reinstalled the old hard drive for
> testing, but for the life of me I cannot get wifi-menu to connect to any
> wifi connections on this new installation.
> 
> The card is a Intel Corporation PRO/Wireless 4965 AG. Per the wireless
> wiki<https://wiki.archlinux.org/index.php/Wireless_network_configuration#iwlegacy>,
> I've installed linux-firmware so I can use the iwlegacy (driver?). With the
> help of a friend, we feel the modules are loading correctly, but when we
> try to actually connect using wifi-menu, journalctl -xn says the following:
> 
> \\\\\\\\\\\
> - Unit netctl at wls3\x2dNEOPCS\x2dSecured.service has begun starting up.
> Starting network profile 'wls3-NEOPCS-Secured'...
> The interface of network profile 'wls3-NEOPCS-Secured' is already up
> netctl at wls3\x2dNEOPCS\x2dSecured.service: main process exited, code=exited,
> status=1/FAILURE
> \\\\\\\\\\\\\
> 
> 
> What I've installed in relation to the Wifi:
> - wpa_supplicant (per the initial insistence of wifi-menu "out of the box"
> - linux-firmware (per the
> wiki<https://wiki.archlinux.org/index.php/Wireless_network_configuration#iwlegacy>
> )
> 
> Output of lspci | grep "Intel":
> 00:00.0 Host bridge: Intel Corporation Mobile PM965/GM965/GL960 Memory
> Controller Hub (rev 0c)
> 00:02.0 VGA compatible controller: Intel Corporation Mobile GM965/GL960
> Integrated Graphics Controller (primary) (rev 0c)
> 00:02.1 Display controller: Intel Corporation Mobile GM965/GL960 Integrated
> Graphics Controller (secondary) (rev 0c)
> 00:19.0 Ethernet controller: Intel Corporation 82566MM Gigabit Network
> Connection (rev 03)
> 00:1a.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
> Controller #4 (rev 03)
> 00:1a.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
> Controller #5 (rev 03)
> 00:1a.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI
> Controller #2 (rev 03)
> 00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio
> Controller (rev 03)
> 00:1c.0 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port
> 1 (rev 03)
> 00:1c.1 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port
> 2 (rev 03)
> 00:1d.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
> Controller #1 (rev 03)
> 00:1d.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
> Controller #2 (rev 03)
> 00:1d.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI
> Controller #1 (rev 03)
> 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev f3)
> 00:1f.0 ISA bridge: Intel Corporation 82801HEM (ICH8M-E) LPC Interface
> Controller (rev 03)
> 00:1f.2 IDE interface: Intel Corporation 82801HM/HEM (ICH8M/ICH8M-E) SATA
> Controller [IDE mode] (rev 03)
> 00:1f.3 SMBus: Intel Corporation 82801H (ICH8 Family) SMBus Controller (rev
> 03)
> 03:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or AGN
> [Kedron] Network Connection (rev 61)
> 
> Output of lsmod | grep -h "iw":
> iwl4965 90075 0
> iwlegacy 49001 1 iwl4965
> mac80211 490609 2 iwl4965,iwlegacy
> cfg80211 431038 3 iwl4965,iwlegacy,mac80211
> led_class 3547 3 sdhci,iwlegacy,thinkpad_acpi
> 
> 
> Can anybody help clue me into what I might be overlooking? I've run out of
> ideas of what else to look into, and while I'm still "getting my feet wet"
> with Linux, being a Windows admin by profession, I'm not afraid to dig
> deeper with a little help! :)
> 
> Thanks everybody!
> Sean
> 

Hi Sean,

to my mind it look promising since the correct modules appear to be
loaded. Maybe you could comment an how you try to establish the
connection. I usually prefer to use the NetworkManager.

https://wiki.archlinux.org/index.php/NetworkManager

base package is "networkmanager",
for Gnome: "network-manager-applet"
for KDE: "kdeplasma-applets-plasma-nm"

I think (but I am unsure) you should stop all netctl services running
before trying the following commands.

Start the daemon (cases are correct this way):
# systemctl start NetworkManager.service

If you wanna use cli:

List of devices:
# nmcli con list
Connect:
# nmcli dev wifi connect <name> password <password>

If it is working enable the daemon on boot:
# systemctl enable NetworkManager.service

Best wishes,
Max

From lists at sapience.com  Thu Apr 17 09:11:35 2014
From: lists at sapience.com (Genes Lists)
Date: Thu, 17 Apr 2014 09:11:35 -0400
Subject: [arch-general] KDE update and baloo
Message-ID: <534FD307.2060400@sapience.com>

After the update to 4.13 - i have baloo sucking up cpu cylces. I did go 
to the desktop search and add every single file system/directory to the 
'dont scan' list.  So there should be nothing left to scan.

Didn't help - it's still running 2 hours later ...  anyone know how to 
stop this selfish cpu hog?



thanks!

From zg at linux.com  Thu Apr 17 09:31:16 2014
From: zg at linux.com (Zack Gold)
Date: Thu, 17 Apr 2014 09:31:16 -0400
Subject: [arch-general] Problem with Wifi Connections (Intel Corporation
 PRO/Wireless 4965 AG Connection)
In-Reply-To: <534F896D.5080303@xbra.de>
References: <CADTR4wT42Z3okH5bSi2QYAX00a0ydj9x0SKP5r18x=nei+H1Fg@mail.gmail.com>
 <534F896D.5080303@xbra.de>
Message-ID: <CAKni=iG9B-iw4pbL7h4yDRUQj5m2JhZEEY7KxZy8JgBaOtuG2g@mail.gmail.com>

Hi Sean,

I have been having issues connecting to a WiFi network on my laptop
lately as well, here's what I did to resolve the issue, which might
help in your case too.

I was having problems with netctl because it apparently is trying to
use dhcpcd in the wrong way, or is trying to take on the role that
dhcpcd plays. Maybe someone can correct me if I'm misinterpreting the
issue at hand. The way I resolved this issue was to revert back to
netctl-1.4-2, run `ip link set wlan0 down' (wlan0 is my wireless
interface), and then run `netctl enable wlan0-network' (wlan0-network
is my netctl profile).

Hopefully this helps,
Zack Gold

On Thu, Apr 17, 2014 at 3:57 AM, Maximilian Br?utigam <m at xbra.de> wrote:
> Am 16.04.2014 17:27, schrieb Sean Snell:
>> Hi everybody,
>> First, this is on a Lenovo X61 laptop. This is a fresh installation on a
>> new SSD hard drive I recently purchased. I already have a 500GB hard drive
>> with Arch and Windows dual booting on it, and the Wifi still works just
>> fine from the old installation when I reinstalled the old hard drive for
>> testing, but for the life of me I cannot get wifi-menu to connect to any
>> wifi connections on this new installation.
>>
>> The card is a Intel Corporation PRO/Wireless 4965 AG. Per the wireless
>> wiki<https://wiki.archlinux.org/index.php/Wireless_network_configuration#iwlegacy>,
>> I've installed linux-firmware so I can use the iwlegacy (driver?). With the
>> help of a friend, we feel the modules are loading correctly, but when we
>> try to actually connect using wifi-menu, journalctl -xn says the following:
>>
>> \\\\\\\\\\\
>> - Unit netctl at wls3\x2dNEOPCS\x2dSecured.service has begun starting up.
>> Starting network profile 'wls3-NEOPCS-Secured'...
>> The interface of network profile 'wls3-NEOPCS-Secured' is already up
>> netctl at wls3\x2dNEOPCS\x2dSecured.service: main process exited, code=exited,
>> status=1/FAILURE
>> \\\\\\\\\\\\\
>>
>>
>> What I've installed in relation to the Wifi:
>> - wpa_supplicant (per the initial insistence of wifi-menu "out of the box"
>> - linux-firmware (per the
>> wiki<https://wiki.archlinux.org/index.php/Wireless_network_configuration#iwlegacy>
>> )
>>
>> Output of lspci | grep "Intel":
>> 00:00.0 Host bridge: Intel Corporation Mobile PM965/GM965/GL960 Memory
>> Controller Hub (rev 0c)
>> 00:02.0 VGA compatible controller: Intel Corporation Mobile GM965/GL960
>> Integrated Graphics Controller (primary) (rev 0c)
>> 00:02.1 Display controller: Intel Corporation Mobile GM965/GL960 Integrated
>> Graphics Controller (secondary) (rev 0c)
>> 00:19.0 Ethernet controller: Intel Corporation 82566MM Gigabit Network
>> Connection (rev 03)
>> 00:1a.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
>> Controller #4 (rev 03)
>> 00:1a.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
>> Controller #5 (rev 03)
>> 00:1a.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI
>> Controller #2 (rev 03)
>> 00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio
>> Controller (rev 03)
>> 00:1c.0 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port
>> 1 (rev 03)
>> 00:1c.1 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port
>> 2 (rev 03)
>> 00:1d.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
>> Controller #1 (rev 03)
>> 00:1d.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
>> Controller #2 (rev 03)
>> 00:1d.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI
>> Controller #1 (rev 03)
>> 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev f3)
>> 00:1f.0 ISA bridge: Intel Corporation 82801HEM (ICH8M-E) LPC Interface
>> Controller (rev 03)
>> 00:1f.2 IDE interface: Intel Corporation 82801HM/HEM (ICH8M/ICH8M-E) SATA
>> Controller [IDE mode] (rev 03)
>> 00:1f.3 SMBus: Intel Corporation 82801H (ICH8 Family) SMBus Controller (rev
>> 03)
>> 03:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or AGN
>> [Kedron] Network Connection (rev 61)
>>
>> Output of lsmod | grep -h "iw":
>> iwl4965 90075 0
>> iwlegacy 49001 1 iwl4965
>> mac80211 490609 2 iwl4965,iwlegacy
>> cfg80211 431038 3 iwl4965,iwlegacy,mac80211
>> led_class 3547 3 sdhci,iwlegacy,thinkpad_acpi
>>
>>
>> Can anybody help clue me into what I might be overlooking? I've run out of
>> ideas of what else to look into, and while I'm still "getting my feet wet"
>> with Linux, being a Windows admin by profession, I'm not afraid to dig
>> deeper with a little help! :)
>>
>> Thanks everybody!
>> Sean
>>
>
> Hi Sean,
>
> to my mind it look promising since the correct modules appear to be
> loaded. Maybe you could comment an how you try to establish the
> connection. I usually prefer to use the NetworkManager.
>
> https://wiki.archlinux.org/index.php/NetworkManager
>
> base package is "networkmanager",
> for Gnome: "network-manager-applet"
> for KDE: "kdeplasma-applets-plasma-nm"
>
> I think (but I am unsure) you should stop all netctl services running
> before trying the following commands.
>
> Start the daemon (cases are correct this way):
> # systemctl start NetworkManager.service
>
> If you wanna use cli:
>
> List of devices:
> # nmcli con list
> Connect:
> # nmcli dev wifi connect <name> password <password>
>
> If it is working enable the daemon on boot:
> # systemctl enable NetworkManager.service
>
> Best wishes,
> Max

From snellsg at neopcs.net  Thu Apr 17 09:37:20 2014
From: snellsg at neopcs.net (Sean Snell)
Date: Thu, 17 Apr 2014 09:37:20 -0400
Subject: [arch-general] Problem with Wifi Connections (Intel Corporation
 PRO/Wireless 4965 AG Connection)
In-Reply-To: <CAKni=iG9B-iw4pbL7h4yDRUQj5m2JhZEEY7KxZy8JgBaOtuG2g@mail.gmail.com>
References: <CADTR4wT42Z3okH5bSi2QYAX00a0ydj9x0SKP5r18x=nei+H1Fg@mail.gmail.com>
 <534F896D.5080303@xbra.de>
 <CAKni=iG9B-iw4pbL7h4yDRUQj5m2JhZEEY7KxZy8JgBaOtuG2g@mail.gmail.com>
Message-ID: <CADTR4wRVzadvfEukmUDZ33CiQvuv1SC6usovqBPTEY69Rbv9Tg@mail.gmail.com>

Thank you for the replies; I'll be back on the project within the next 2-3
hours, and I'll report back on your suggestions.

Sean


On Thu, Apr 17, 2014 at 9:31 AM, Zack Gold <zg at linux.com> wrote:

> Hi Sean,
>
> I have been having issues connecting to a WiFi network on my laptop
> lately as well, here's what I did to resolve the issue, which might
> help in your case too.
>
> I was having problems with netctl because it apparently is trying to
> use dhcpcd in the wrong way, or is trying to take on the role that
> dhcpcd plays. Maybe someone can correct me if I'm misinterpreting the
> issue at hand. The way I resolved this issue was to revert back to
> netctl-1.4-2, run `ip link set wlan0 down' (wlan0 is my wireless
> interface), and then run `netctl enable wlan0-network' (wlan0-network
> is my netctl profile).
>
> Hopefully this helps,
> Zack Gold
>
> On Thu, Apr 17, 2014 at 3:57 AM, Maximilian Br?utigam <m at xbra.de> wrote:
> > Am 16.04.2014 17:27, schrieb Sean Snell:
> >> Hi everybody,
> >> First, this is on a Lenovo X61 laptop. This is a fresh installation on a
> >> new SSD hard drive I recently purchased. I already have a 500GB hard
> drive
> >> with Arch and Windows dual booting on it, and the Wifi still works just
> >> fine from the old installation when I reinstalled the old hard drive for
> >> testing, but for the life of me I cannot get wifi-menu to connect to any
> >> wifi connections on this new installation.
> >>
> >> The card is a Intel Corporation PRO/Wireless 4965 AG. Per the wireless
> >> wiki<
> https://wiki.archlinux.org/index.php/Wireless_network_configuration#iwlegacy
> >,
> >> I've installed linux-firmware so I can use the iwlegacy (driver?). With
> the
> >> help of a friend, we feel the modules are loading correctly, but when we
> >> try to actually connect using wifi-menu, journalctl -xn says the
> following:
> >>
> >> \\\\\\\\\\\
> >> - Unit netctl at wls3\x2dNEOPCS\x2dSecured.service has begun starting up.
> >> Starting network profile 'wls3-NEOPCS-Secured'...
> >> The interface of network profile 'wls3-NEOPCS-Secured' is already up
> >> netctl at wls3\x2dNEOPCS\x2dSecured.service: main process exited,
> code=exited,
> >> status=1/FAILURE
> >> \\\\\\\\\\\\\
> >>
> >>
> >> What I've installed in relation to the Wifi:
> >> - wpa_supplicant (per the initial insistence of wifi-menu "out of the
> box"
> >> - linux-firmware (per the
> >> wiki<
> https://wiki.archlinux.org/index.php/Wireless_network_configuration#iwlegacy
> >
> >> )
> >>
> >> Output of lspci | grep "Intel":
> >> 00:00.0 Host bridge: Intel Corporation Mobile PM965/GM965/GL960 Memory
> >> Controller Hub (rev 0c)
> >> 00:02.0 VGA compatible controller: Intel Corporation Mobile GM965/GL960
> >> Integrated Graphics Controller (primary) (rev 0c)
> >> 00:02.1 Display controller: Intel Corporation Mobile GM965/GL960
> Integrated
> >> Graphics Controller (secondary) (rev 0c)
> >> 00:19.0 Ethernet controller: Intel Corporation 82566MM Gigabit Network
> >> Connection (rev 03)
> >> 00:1a.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
> >> Controller #4 (rev 03)
> >> 00:1a.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
> >> Controller #5 (rev 03)
> >> 00:1a.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI
> >> Controller #2 (rev 03)
> >> 00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio
> >> Controller (rev 03)
> >> 00:1c.0 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express
> Port
> >> 1 (rev 03)
> >> 00:1c.1 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express
> Port
> >> 2 (rev 03)
> >> 00:1d.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
> >> Controller #1 (rev 03)
> >> 00:1d.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI
> >> Controller #2 (rev 03)
> >> 00:1d.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI
> >> Controller #1 (rev 03)
> >> 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev f3)
> >> 00:1f.0 ISA bridge: Intel Corporation 82801HEM (ICH8M-E) LPC Interface
> >> Controller (rev 03)
> >> 00:1f.2 IDE interface: Intel Corporation 82801HM/HEM (ICH8M/ICH8M-E)
> SATA
> >> Controller [IDE mode] (rev 03)
> >> 00:1f.3 SMBus: Intel Corporation 82801H (ICH8 Family) SMBus Controller
> (rev
> >> 03)
> >> 03:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or
> AGN
> >> [Kedron] Network Connection (rev 61)
> >>
> >> Output of lsmod | grep -h "iw":
> >> iwl4965 90075 0
> >> iwlegacy 49001 1 iwl4965
> >> mac80211 490609 2 iwl4965,iwlegacy
> >> cfg80211 431038 3 iwl4965,iwlegacy,mac80211
> >> led_class 3547 3 sdhci,iwlegacy,thinkpad_acpi
> >>
> >>
> >> Can anybody help clue me into what I might be overlooking? I've run out
> of
> >> ideas of what else to look into, and while I'm still "getting my feet
> wet"
> >> with Linux, being a Windows admin by profession, I'm not afraid to dig
> >> deeper with a little help! :)
> >>
> >> Thanks everybody!
> >> Sean
> >>
> >
> > Hi Sean,
> >
> > to my mind it look promising since the correct modules appear to be
> > loaded. Maybe you could comment an how you try to establish the
> > connection. I usually prefer to use the NetworkManager.
> >
> > https://wiki.archlinux.org/index.php/NetworkManager
> >
> > base package is "networkmanager",
> > for Gnome: "network-manager-applet"
> > for KDE: "kdeplasma-applets-plasma-nm"
> >
> > I think (but I am unsure) you should stop all netctl services running
> > before trying the following commands.
> >
> > Start the daemon (cases are correct this way):
> > # systemctl start NetworkManager.service
> >
> > If you wanna use cli:
> >
> > List of devices:
> > # nmcli con list
> > Connect:
> > # nmcli dev wifi connect <name> password <password>
> >
> > If it is working enable the daemon on boot:
> > # systemctl enable NetworkManager.service
> >
> > Best wishes,
> > Max
>

From darkarcanis at mail.ru  Thu Apr 17 09:47:19 2014
From: darkarcanis at mail.ru (Evgeniy Alekseev)
Date: Thu, 17 Apr 2014 17:47:19 +0400
Subject: [arch-general] KDE update and baloo
In-Reply-To: <534FD307.2060400@sapience.com>
References: <534FD307.2060400@sapience.com>
Message-ID: <4691942.b0JMsXyDAj@arcanis>

On Thursday 17 April 2014 09:11:35 Genes Lists wrote:
> After the update to 4.13 - i have baloo sucking up cpu cylces. I did go
> to the desktop search and add every single file system/directory to the
> 'dont scan' list.  So there should be nothing left to scan.
> 
> Didn't help - it's still running 2 hours later ...  anyone know how to
> stop this selfish cpu hog?

I disabled it by editing $HOME/.kde4/share/config/baloofilerc:

[Basic Settings]
Indexing-Enabled=false

1. https://mailman.archlinux.org/pipermail/arch-general/2014-March/035350.html
-- 
? ?????????, ?.????????.
Sincerely yours, E.Alekseev.

e-mail: darkarcanis at mail.ru
ICQ: 407-398-235
Jabber: arcanis at jabber.ru
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/96637492/attachment.asc>

From l.jirkovsky at gmail.com  Thu Apr 17 10:37:22 2014
From: l.jirkovsky at gmail.com (Lukas Jirkovsky)
Date: Thu, 17 Apr 2014 16:37:22 +0200
Subject: [arch-general] KDE update and baloo
In-Reply-To: <534FD307.2060400@sapience.com>
References: <534FD307.2060400@sapience.com>
Message-ID: <CAFa9FQtCYNjdqmXgMH19ffUD1=W5v+yGjG3crJN1eDegigpCDA@mail.gmail.com>

On Thu, Apr 17, 2014 at 3:11 PM, Genes Lists <lists at sapience.com> wrote:
> After the update to 4.13 - i have baloo sucking up cpu cylces. I did go to
> the desktop search and add every single file system/directory to the 'dont
> scan' list.  So there should be nothing left to scan.
>
> Didn't help - it's still running 2 hours later ...  anyone know how to stop
> this selfish cpu hog?
>
>
>
> thanks!

Is it with KDE PIM? I remember a discussion in the release ML that
baloo was somewhat broken in PIM. I dunno if that was fixed or not.

From lisaev at umail.iu.edu  Thu Apr 17 14:56:12 2014
From: lisaev at umail.iu.edu (Leonid Isaev)
Date: Thu, 17 Apr 2014 13:56:12 -0500
Subject: [arch-general] On-boot delay due to timer units
Message-ID: <20140417135612.1cae79de@bluemoon>

Hi,

Since anacron jobs were replaced with timers, I am seeing a noticeable delay
before agetty prompt appears on machines which were unused for some time (due
to update/man-db timers starting up simultaneously).

TLDR: Anacron inserts a random delay between boot and running the jobs, so is
it possible to simulate this behavior by including e.g. "OnBootSec=..." in the
timers at next update? Or is this option incompatible with OnCalendar?

Here is the (edited) "statistics" obtained by grepping /var/log/daemon.log.
The disk is actually an Intel X-25 (sata-2) SSD.

--- No timers are active (baseline) ---
Apr  6: 5.983s (kernel) + 1.947s (userspace) = 7.930s.
Apr  6: 5.815s (kernel) + 2.494s (userspace) = 8.310s.
Apr  6: 5.692s (kernel) + 1.612s (userspace) = 7.304s.
Apr  7: 5.874s (kernel) + 2.561s (userspace) = 8.436s.
Apr  9: 5.704s (kernel) + 3.001s (userspace) = 8.706s.
Apr 10: 5.612s (kernel) + 2.494s (userspace) = 8.106s.
Apr 11: 5.618s (kernel) + 2.908s (userspace) = 8.526s.
Apr 12: 5.671s (kernel) + 3.345s (userspace) = 9.016s.

--- Timers first run ---
Apr 14: 5.464s (kernel) + 46.883s (userspace) = 52.348s.

--- Startup with timers ---
Apr 15: 5.715s (kernel) + 2.878s (userspace) = 8.593s.
Apr 16: Not powered on
Apr 17: 6.414s (kernel) + 7.785s (userspace) = 14.200s.
$ systemd-analyze blame | head
          6.724s man-db.service
          1.935s updatedb.service
           926ms root-ssh-key-init at 0x14d33aba.service
           507ms lxc at appserver\x2dx86_64.service
           427ms rfkill-unblock at wlan.service
           381ms systemd-networkd.service
           340ms wlan-powersave at wls1.service
           289ms syslog-ng.service
           235ms volatile-mail.service
           225ms iptables.service

Thanks,
L.

-- 
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6  20DF 9291 EE8A 043C B8C4
                  C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/52906720/attachment.asc>

From thomas at archlinux.org  Thu Apr 17 15:31:07 2014
From: thomas at archlinux.org (=?ISO-8859-15?Q?Thomas_B=E4chler?=)
Date: Thu, 17 Apr 2014 21:31:07 +0200
Subject: [arch-general] On-boot delay due to timer units
In-Reply-To: <20140417135612.1cae79de@bluemoon>
References: <20140417135612.1cae79de@bluemoon>
Message-ID: <53502BFB.1090104@archlinux.org>

Am 17.04.2014 20:56, schrieb Leonid Isaev:
> Hi,
> 
> Since anacron jobs were replaced with timers, I am seeing a noticeable delay
> before agetty prompt appears on machines which were unused for some time (due
> to update/man-db timers starting up simultaneously).
> 
> TLDR: Anacron inserts a random delay between boot and running the jobs, so is
> it possible to simulate this behavior by including e.g. "OnBootSec=..." in the
> timers at next update? Or is this option incompatible with OnCalendar?

OnBootSec would cause the timers to always run on boot, no matter how
much time has passed, which is not what we want.

I don't think it is a problem that the timers run on boot, but rather
that they delay Type=idle units, like agetty. From what the
documentation says, there should not be any delay:

"Behavior of idle is very similar to simple; however, actual execution
of the service binary is delayed until all jobs are dispatched."

I am confused why get a delay here.

I think another solution in systemd would be introducing a holdoff time:
Instead of running immediately on boot, the timer should be scheduled
for boot+5min.

This requires some investigation - sorry, I don't have a quick solution
right now.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/40182ca8/attachment.asc>

From lists at sapience.com  Thu Apr 17 15:33:56 2014
From: lists at sapience.com (Genes Lists)
Date: Thu, 17 Apr 2014 15:33:56 -0400
Subject: [arch-general] KDE update and baloo
In-Reply-To: <CAFa9FQtCYNjdqmXgMH19ffUD1=W5v+yGjG3crJN1eDegigpCDA@mail.gmail.com>
References: <534FD307.2060400@sapience.com>
 <CAFa9FQtCYNjdqmXgMH19ffUD1=W5v+yGjG3crJN1eDegigpCDA@mail.gmail.com>
Message-ID: <53502CA4.4050800@sapience.com>

On 04/17/2014 10:37 AM, Lukas Jirkovsky wrote:
>
> Is it with KDE PIM? I remember a discussion in the release ML that
> baloo was somewhat broken in PIM. I dunno if that was fixed or not.
>
No not using PIM. I killed off all the baloo processes - short term 
fix.There really should be an off button on this kind of thing.

From lisaev at umail.iu.edu  Thu Apr 17 16:12:15 2014
From: lisaev at umail.iu.edu (Leonid Isaev)
Date: Thu, 17 Apr 2014 15:12:15 -0500
Subject: [arch-general] On-boot delay due to timer units
In-Reply-To: <53502BFB.1090104@archlinux.org>
References: <20140417135612.1cae79de@bluemoon> <53502BFB.1090104@archlinux.org>
Message-ID: <20140417151215.7c26c6da@bluemoon>

On Thu, 17 Apr 2014 21:31:07 +0200
Thomas B?chler <thomas at archlinux.org> wrote:

> Am 17.04.2014 20:56, schrieb Leonid Isaev:
> > Hi,
> > 
> > Since anacron jobs were replaced with timers, I am seeing a noticeable
> > delay before agetty prompt appears on machines which were unused for some
> > time (due to update/man-db timers starting up simultaneously).
> > 
> > TLDR: Anacron inserts a random delay between boot and running the jobs, so
> > is it possible to simulate this behavior by including e.g. "OnBootSec=..."
> > in the timers at next update? Or is this option incompatible with
> > OnCalendar?
> 
> OnBootSec would cause the timers to always run on boot, no matter how
> much time has passed, which is not what we want.

OK.

> 
> I don't think it is a problem that the timers run on boot, but rather
> that they delay Type=idle units, like agetty. From what the
> documentation says, there should not be any delay:
> 
> "Behavior of idle is very similar to simple; however, actual execution
> of the service binary is delayed until all jobs are dispatched."
> 
> I am confused why get a delay here.

I think the problem is the disk I/O generated due to e.g. man-db indexing,
because I see the hdd light is solid on. So, my guess is that two things can
happen: either the login prompt is delayed, or the prompt is shown but the
actual login will stall.

> 
> I think another solution in systemd would be introducing a holdoff time:
> Instead of running immediately on boot, the timer should be scheduled
> for boot+5min.

You are right -- that's the best way to put it. Except, I'd generate random
timeouts (distributed in some interval) for the corresponding services...

Thanks,
L.

-- 
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6  20DF 9291 EE8A 043C B8C4
                  C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/a21aa38f/attachment.asc>

From jan.steffens at gmail.com  Thu Apr 17 16:40:38 2014
From: jan.steffens at gmail.com (Jan Alexander Steffens)
Date: Thu, 17 Apr 2014 22:40:38 +0200
Subject: [arch-general] On-boot delay due to timer units
In-Reply-To: <53502BFB.1090104@archlinux.org>
References: <20140417135612.1cae79de@bluemoon> <53502BFB.1090104@archlinux.org>
Message-ID: <CAMQ-g0fXsj1TVoZVqO+bxnEia_5BKw_zT1FOcpxS8a4DLtFfeQ@mail.gmail.com>

On Thu, Apr 17, 2014 at 9:31 PM, Thomas B?chler <thomas at archlinux.org> wrote:
> I don't think it is a problem that the timers run on boot, but rather
> that they delay Type=idle units, like agetty. From what the
> documentation says, there should not be any delay:
>
> "Behavior of idle is very similar to simple; however, actual execution
> of the service binary is delayed until all jobs are dispatched."
>
> I am confused why get a delay here.

When the timer fires it adds a start job to the manager. Type=idle
services wait for the manager job list (not the transaction job list)
to empty.

Maybe Type=idle should be changed to trigger when its transaction completes.

From karol at babioch.de  Thu Apr 17 17:22:09 2014
From: karol at babioch.de (Karol Babioch)
Date: Thu, 17 Apr 2014 23:22:09 +0200
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <534F7A72.2050405@gmail.com>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de> <534F3AFC.3070103@gmail.com>
 <534F7290.1010805@babioch.de> <534F7A72.2050405@gmail.com>
Message-ID: <53504601.4010907@babioch.de>

Hi,

Am 17.04.2014 08:53, schrieb Daniel Micay:
> I think it's best to just install it to your home directory without
> involving the system package manager if you want to use the android
> package manager for anything.

So you are managing all of this alone and don't use the packages in AUR
at all? At least android-udev seems useful? Where do you store your SDK?
Have you added something to your PATH? I'm just looking for good
practices here, so thanks for any replies!

> It's not sane to be giving users access to a directory in the PATH of
> other users, especially root.

Yes, I feel very much the same way.

Best regards,
Karol Babioch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/f1e92178/attachment.asc>

From danielmicay at gmail.com  Thu Apr 17 17:29:04 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Thu, 17 Apr 2014 17:29:04 -0400
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <53504601.4010907@babioch.de>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de> <534F3AFC.3070103@gmail.com>
 <534F7290.1010805@babioch.de> <534F7A72.2050405@gmail.com>
 <53504601.4010907@babioch.de>
Message-ID: <535047A0.2030401@gmail.com>

On 17/04/14 05:22 PM, Karol Babioch wrote:
> Hi,
> 
> Am 17.04.2014 08:53, schrieb Daniel Micay:
>> I think it's best to just install it to your home directory without
>> involving the system package manager if you want to use the android
>> package manager for anything.
> 
> So you are managing all of this alone and don't use the packages in AUR
> at all? At least android-udev seems useful? Where do you store your SDK?
> Have you added something to your PATH? I'm just looking for good
> practices here, so thanks for any replies!

I use the AUR packages without touching the Android package manager at
all. If I did plan on installing stuff from there, I would just install
the SDK to my home directory and use a meta-package (no contents) to
handle the external dependencies. You can add user-specific
binary/library directories to PATH and the library search path (a fairly
sane usage of LD_LIBRARY_PATH).

>> It's not sane to be giving users access to a directory in the PATH of
>> other users, especially root.
> 
> Yes, I feel very much the same way.
> 
> Best regards,
> Karol Babioch


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/625d0db5/attachment.asc>

From karol at babioch.de  Thu Apr 17 17:42:51 2014
From: karol at babioch.de (Karol Babioch)
Date: Thu, 17 Apr 2014 23:42:51 +0200
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <535047A0.2030401@gmail.com>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de> <534F3AFC.3070103@gmail.com>
 <534F7290.1010805@babioch.de> <534F7A72.2050405@gmail.com>
 <53504601.4010907@babioch.de> <535047A0.2030401@gmail.com>
Message-ID: <53504ADB.5050203@babioch.de>

Hi,

Am 17.04.2014 23:29, schrieb Daniel Micay:
> I would just install
> the SDK to my home directory and use a meta-package (no contents) to
> handle the external dependencies.

Yes, that would probably make sense. Maybe such a package could be
uploaded to the AUR.

I've installed it to my home directory for now. The only dependency I
needed to get it running was "swt". I'm not sure why the AUR packages
lists all of the lib32 as dependency (for x86_64). I guess I'll find out
soon enough.

Best regards,
Karol Babioch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/b5a4b315/attachment.asc>

From andre.vmatos at gmail.com  Thu Apr 17 18:08:44 2014
From: andre.vmatos at gmail.com (=?UTF-8?B?QW5kcsOpIFZpdG9y?=)
Date: Thu, 17 Apr 2014 19:08:44 -0300
Subject: [arch-general] KDE update and baloo
In-Reply-To: <53502CA4.4050800@sapience.com>
References: <534FD307.2060400@sapience.com>
 <CAFa9FQtCYNjdqmXgMH19ffUD1=W5v+yGjG3crJN1eDegigpCDA@mail.gmail.com>
 <53502CA4.4050800@sapience.com>
Message-ID: <CAF-F9ppmWLyXfhbwJoOSF_DzrUn=+oav7kurEr23=bYEnoFZbQ@mail.gmail.com>

On Thu, Apr 17, 2014 at 4:33 PM, Genes Lists <lists at sapience.com> wrote:

> On 04/17/2014 10:37 AM, Lukas Jirkovsky wrote:
>
>>
>> Is it with KDE PIM? I remember a discussion in the release ML that
>> baloo was somewhat broken in PIM. I dunno if that was fixed or not.
>>
>>  No not using PIM. I killed off all the baloo processes - short term
> fix.There really should be an off button on this kind of thing.
>

I've a problem with baloo too, but with RAM usage.
After a few minutes of KDE with baloo activated and indexing data in some
partitions with a few hundred gigabytes of my data (video, music, big
source trees of projects, VMs, etc), I experience a continuous growing in
RAM usage, sometimes up to consuming my entire 12G RAM and starting paging
to swap, driving my system almost unusable. Another times, RAM grows up to
4~5 Gb and stay there. I have no KDE PIM configured (no mail accounts, etc).
Weird is that that amount of RAM isn't reported by htop/top/ps for being
from any processes. The sum of all processes memory usage stay near the
habitual 1-1.5G RAM. Logout and terminating all user processes doesn't free
my memory too. The only way to get my memory back is restarting PC.
But I'm sure the problem is with baloo or something related, since
disabling it the problem goes away. Maybe something related with my btrfs
root/home, although mentioned large data partitions are in ext4.
I don't want to disable baloo, I liked it's speed in file indexing and
searching, but it's unusable now. Anyone know if there's any way to fix it?
Or, at least, track down where my memory gone? [maybe kernel memory? kernel
caches? unfreed pages?]. Thanks

-- 
/-=| ? ? ? ? ? |=-\ ?? ???
http://www.google.com/profiles/andre.vmatos

From hugo at barrera.io  Thu Apr 17 18:35:40 2014
From: hugo at barrera.io (Hugo Osvaldo Barrera)
Date: Thu, 17 Apr 2014 19:35:40 -0300
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <20140416234932.GA7441@athena.barrera.io>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de>
 <20140416234932.GA7441@athena.barrera.io>
Message-ID: <20140417223538.GA13378@hyperion.barrera.io>

Looks like my message was silently dropped by mailman. Lemme retry this:

On 2014-04-16 20:49, Hugo Osvaldo Barrera wrote:
> First of all, thanks for all the efort you're putting into moving these
> arch tools into the official repos. I've been wanting to see this (and
> non-bin packages) for ages! :)
> 
> On 2014-04-17 00:50, Karol Babioch wrote:
> > Hi,
> > 
> > Am 17.04.2014 00:38, schrieb Anatol Pomozov:
> > > Are there people with Android development background? What exactly do
> > > you miss in Arch? 
> > 
> > The problem I face with the Android situation in Arch is that currently
> > there seems to be no "clean" (TM) way to install the SDK and related
> > stuff. The android-sdk package from AUR is fine and dandy, but one
> > usually also needs to install a whole bunch of API specific packages
> > through the "android" tool from the SDK.
> > 
> > - This doesn't work for normal users, e.g. you can update the packages
> > using Eclipse, but you need to start "/opt/android-sdk/tools/android" as
> > root
> 
> Does this download additional files, or actually replace files the arch package installs?
> 
> If it's the former, then you can create a user group (eg: android),
> and make the directory where files are downloaded owned by that group.
> 
> > 
> > - Installing any sort of package through the "installer" mentioned above
> > isn't compatible with the whole idea of package management, because the
> > package manager isn't aware of these files. I ran into conflicts before,
> > which I had to resolve by temporarily removing some components.
> 
> If we can make arch packages for all the packages available through that
> installed, that would make it innecesary, though still usable. Something
> similar happens with npm, gem (when used at a system level), pip, etc:
> there's a second package manager that can (optionally) be used, but it's
> a bad idea if you want to keep using arch's.
> 
> > 
> > Maybe I'm doing something wrong here, but at least this is what I've
> > experienced throughout the last couple of months. Unfortunately I don't
> > see a good way how this can be improved, as I like the idea of
> > installing only API components that I really need and get instant (!)
> > updates for them directly from the upstream project.
> > 
> 
> If you want the instante updated from upstream, then you'd need to update
> the arch package instantly ;) This is exactly what happens with some of
> the above mentioned examples (npm).
> 
> > Anyone familiar with the situation on other distributions? How do they
> > handle all of this?
> > 
> 
> I did a bit of research on this.
> Ubuntu suggest you download the SDK and install into into your home:
> https://help.ubuntu.com/community/AndroidSDK
> (so no useful precedent here).
> 
> The same applies for Fedora:
> https://fedoraproject.org/wiki/HOWTO_Setup_Android_Development
> 
> Gentoo uses the upstream binaries in their packages (ebuild?):
> https://wiki.gentoo.org/wiki/Android
> 
> They DO seem to set permissions to 775, and ownership to root:android,
> so I guess they do something similar to what I suggested above.
> 
> Finally, Debian doesn't seem to package anythis other than the packages
> that were mentioned as existing in AUR as source packages, so there's
> nothing to be leart there.
> 
> > Best regards,
> > Karol Babioch
> > 
> 
> Hope this helps a bit,
> 
> Cheers,
> 
> -- 
> Hugo Osvaldo Barrera



-- 
Hugo Osvaldo Barrera
A: No, it doesn't make sense.
Q: Should I include quotations *after* my reply?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/1f57c14a/attachment.asc>

From karol at babioch.de  Thu Apr 17 19:20:44 2014
From: karol at babioch.de (Karol Babioch)
Date: Fri, 18 Apr 2014 01:20:44 +0200
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <20140417223538.GA13378@hyperion.barrera.io>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de> <20140416234932.GA7441@athena.barrera.io>
 <20140417223538.GA13378@hyperion.barrera.io>
Message-ID: <535061CC.8060708@babioch.de>

Hi,

Am 18.04.2014 00:35, schrieb Hugo Osvaldo Barrera:
>> Does this download additional files, or actually replace files the arch package installs?
>> 
>> If it's the former, then you can create a user group (eg: android),
>> and make the directory where files are downloaded owned by that group.

Well, it probably depends on what exactly you select to install. When
there is a new API level, there will definitely be new files. This can
lead to file conflicts, because pacman will complain that the file(s)
already exist once the package gets updated. This can be resolved
easily, but requires some knowledge about package management. Probably
nothing a beginner (either to pacman or to the SDK wants to deal with).

> I did a bit of research on this.

Thanks for that!

>> Ubuntu suggest you download the SDK and install into into your home:
>> https://help.ubuntu.com/community/AndroidSDK
>> (so no useful precedent here).
>>
>> The same applies for Fedora:
>> https://fedoraproject.org/wiki/HOWTO_Setup_Android_Development

Personally I like this approach the most. Obviously it has drawbacks in
multi-user environments. But it won't lead to conflicts, because pacman
doesn't know anything about it and to be quite honest most of us are the
only user on a system anyway.

However, I kind of like the proposed idea of an empty "meta package",
that will only trigger the installation of dependencies. Is this
something you would be interested in?

Best regards,
Karol Babioch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140418/3d2d46cd/attachment-0001.asc>

From hugo at barrera.io  Thu Apr 17 20:22:34 2014
From: hugo at barrera.io (Hugo Osvaldo Barrera)
Date: Thu, 17 Apr 2014 21:22:34 -0300
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <535061CC.8060708@babioch.de>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de>
 <20140416234932.GA7441@athena.barrera.io>
 <20140417223538.GA13378@hyperion.barrera.io>
 <535061CC.8060708@babioch.de>
Message-ID: <20140418002234.GA25570@athena.barrera.io>

On 2014-04-18 01:20, Karol Babioch wrote:
> ...snip...
> Personally I like this approach the most. Obviously it has drawbacks in
> multi-user environments. But it won't lead to conflicts, because pacman
> doesn't know anything about it and to be quite honest most of us are the
> only user on a system anyway.
> 
> However, I kind of like the proposed idea of an empty "meta package",
> that will only trigger the installation of dependencies. Is this
> something you would be interested in?
> 
> Best regards,
> Karol Babioch
> 

I actually use the meta-package approach to handle dependencies for
wine-based and steam-based games, so I wouldn't mind (I hate marking
dependencies as explicitly installed, so that's a second reason to
do that).

I'm curious if those are acceptable in the AUR.

-- 
Hugo Osvaldo Barrera
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140417/c66f1b5c/attachment.asc>

From kyleterrien at gmail.com  Thu Apr 17 21:24:22 2014
From: kyleterrien at gmail.com (Kyle Terrien)
Date: Thu, 17 Apr 2014 18:24:22 -0700
Subject: [arch-general] system-config-printer: conflicting files
Message-ID: <53507EC6.1080203@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello fellow Archers,

I received the following error while upgrading system-config-printer:

> error: failed to commit transaction (conflicting files) 
> system-config-printer: /usr/share/system-config-printer/debug.pyc
> exists in filesystem Errors occurred, no packages were upgraded.

Apparently, at some point python automatically compiled debug.py into
debug.pyc to increase long term performance. However, the new package
has debug.pyc presupplied.

The solution was to delete debug.pyc, then everything installs cleanly
and works fine.

Of course, this begs the question: Should a compiled python module be
supplied in a package (debug.pyc), or should the local machine
interpret/compile/do whatever it wants with a python script (debug.py)?

- --Kyle
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTUH7GAAoJEN5rMzXPJBsQvwkP/jrjwgfai7jUTTFI980qQdaM
nu6u/kms6Ys72uJIvxF3a0b94ZprbLe6bjshzCBW0fJuBHrZ+Deb1Xdt2i10b3pV
O/JgZzYMsICVqF2MYdn+GZ9T/GYkLpzLWctwBCnHwQKABIw+T5Jk4CwdNLTnd4V5
pmxynMi/A3RzYFsxFQLcNK6a1sk/FhVmwDSAk5WB2feKjf/i614dH8Uf0aJxRcq+
LFg+eFndpEpMp77j0DnxcTwAR6RzdE19NCNf9rfBvctGpyE2nzdYE8bcof66mLoB
yWR2jmRC2CYwOxU556I+Bg4TIGy4SQunqkc0hKEG+nQ6/xSOV72CF7ZCFBOKrLsW
8rGPHDNXFFbLeE6kcR+hnEYaKjLTLn+o+BwV9CJSB3l3aCXpoBCJ9kDiEPEfPR6h
mZwP77BpBUMTfclTYL/F2mR0NDd4615CWxXd6wHXGCex+WrA4FTyGqGQgUvPa5Bu
9yB/oMyLthgGL9S5CN0N2VcRdPQB4X44DhUieOMqWAO+KVKmJGfohkCRRHy7UOCY
JLh8dkA9JBnoeQ9wLFXn7ibSFxJAVfUeddnmsKOaRnVSGVjGuKYbb9IcFQ/xcfBa
ghnTIOk6l15Rrzd9pxfoXSDz8eIeC9UWGQN13Q6waD1gOjZVPS2rgmM2vNpYzT5M
iyOEOWaj6AVvni9eADE1
=tWUo
-----END PGP SIGNATURE-----

From scimmia at archlinux.info  Thu Apr 17 23:25:27 2014
From: scimmia at archlinux.info (Doug Newgard)
Date: Thu, 17 Apr 2014 22:25:27 -0500
Subject: [arch-general] system-config-printer: conflicting files
In-Reply-To: <53507EC6.1080203@gmail.com>
References: <53507EC6.1080203@gmail.com>
Message-ID: <1e25a0da4c863bdffb377c345594eefb@archlinux.info>

On 2014-04-17 20:24, Kyle Terrien wrote:
> Hello fellow Archers,
> 
> I received the following error while upgrading system-config-printer:
> 
>> error: failed to commit transaction (conflicting files)
>> system-config-printer: /usr/share/system-config-printer/debug.pyc
>> exists in filesystem Errors occurred, no packages were upgraded.
> 
> Apparently, at some point python automatically compiled debug.py into
> debug.pyc to increase long term performance. However, the new package
> has debug.pyc presupplied.
> 
> The solution was to delete debug.pyc, then everything installs cleanly
> and works fine.
> 
> Of course, this begs the question: Should a compiled python module be
> supplied in a package (debug.pyc), or should the local machine
> interpret/compile/do whatever it wants with a python script (debug.py)?
> 
> - --Kyle

Yes, they should be included in the package.

1. The user running these scripts usually doesn't have write access to 
the dir they're in, so more often than not, the .pyc files don't get 
saved. This makes the load times for the script longer.

2. If it is run as root, a file gets created that pacman knows nothing 
about. It will leave crap behind when upgrading or removing.

From arnaud.gaboury at gmail.com  Fri Apr 18 02:06:55 2014
From: arnaud.gaboury at gmail.com (arnaud gaboury)
Date: Fri, 18 Apr 2014 08:06:55 +0200
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <20140418002234.GA25570@athena.barrera.io>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de>
 <20140416234932.GA7441@athena.barrera.io>
 <20140417223538.GA13378@hyperion.barrera.io>
 <535061CC.8060708@babioch.de>
 <20140418002234.GA25570@athena.barrera.io>
Message-ID: <CAK1hC9sV=D9xTC1Ye6QDShG7_+=QPOPxrTB0AM7GR9NTaDfnCw@mail.gmail.com>

Please have a look here[1]. It is a Arch based distro developed by Android dev.
You can add the repo in your /etc/pacman.conf


[1]http://bbqlinux.org/

From henning at orgizm.net  Fri Apr 18 04:30:30 2014
From: henning at orgizm.net (henning mueller)
Date: Fri, 18 Apr 2014 10:30:30 +0200
Subject: [arch-general] providing grsecurity in [community]
Message-ID: <5350E2A6.6010306@orgizm.net>

Hey,

I'm replying to a thread on arch-dev-public with the same subject, here.

I'm maintaining the linux-grsec PKGBUILD in the AUR [0], wrote an
utility to set PaX flags [1] and host a repository for binary
grsecurity packages [2]. Although I like the idea of further
integrating grsecurity into Arch Linux, I have some points to
criticize on the planning proposals of Daniel Micay.

> It also includes the PaX project to provide a much stronger 
> implementation of ASLR along with significant memory protections 
> for userspace. These features do break many packages, and require 
> setting flags on binaries when exceptions are necessary. I don't 
> want to place a burden on other packagers, so I plan on leaving
> the parts requiring integration with other packages disabled at
> first.

1. The very core of the grsecurity project is PaX. Without it, you
miss out on the most effective security features. Some contributing
linux-grsec users and me collected numerous binaries, which do not
work well with PaX and the according PaX features, which have to be
disabled in order to get them running. These are currently collected
in the linux-pax-flags utility [1]. For a clean grsecurity
integration, any flags on [core], [extra] and [community] should be
set before releasing linux-grsec in [community].

> It would have no impact on people not using it, since it would
> just be a very short string set in the `user.pax.flags` xattr key.
> For example, `setfattr -n user.pax.flags -v "mr" 
> "$pkgdir/usr/bin/foo"` to disable MPROTECT and RANDMMAP features 
> (on chromium, firefox, etc.).

2. I think, manually setting the flags with a setfattr call in the
PKGBUILDs is a bad solution, because it is error-prone. The Gentoo
(hardened) folks integrated a new function for marking binaries with
PaX flags into the ebuild environment. I would prefer a solution like
this for Arch, too.
A new PKGBUILD variable for PaX flags to be set after install() would
also be a good solution (like PAX_FLAGS=(usr/bin/firefox:mr).
(There is also a utility which supports xattr flags by the Gentoo
hardened folks named paxctl-ng.)

3. I do not know, what the policy is, here, but I would prefer to
maintain the PKGBUILD myself, if it gets included in [community]. At
least, I would have expected to be integrated in the discussion a
little more. I did the work on it since beginning of 2012 and run it
on several machines since then. I think, a message like "I will adopt your
package in [community]" is a little rude. The gradm package was
already deleted from the AUR. On the linux-pax-flags AUR package,
Daniel commented that I would have to change it to work according to
his plans.

I want to mention another step, that would be necessary for a decent
integration of grsecurity and full ASLR: The activation of PIE/PIC.
This has been discussed a little on the Arch Linux BBS [3]. Allan
stated that "If there is a good way to add it for x86_64, it will be
considered." Maybe it is possible to come up with a good way.

Best regards,
henning


[0] https://aur.archlinux.org/packages/linux-grsec
[1] https://github.com/nning/linux-pax-flags
[2] https://arsch.orgizm.net
[3] https://bbs.archlinux.org/viewtopic.php?id=172955

From adys.wh at gmail.com  Fri Apr 18 05:29:56 2014
From: adys.wh at gmail.com (Jerome Leclanche)
Date: Fri, 18 Apr 2014 10:29:56 +0100
Subject: [arch-general] Qt4 / Qt5 package naming
Message-ID: <CAFd36BhnAFriQOp3xUFF3hmqBpbbgm-JpCA+uQ6+8UNmB53zfA@mail.gmail.com>

Hi

With Qt5 becoming more and more available throughout Qt apps
(especially as KDE progresses into the switch), I think it's time to
consider adopting an updated naming scheme.

IMHO:
- Qt4 apps should use the -qt4 suffix
- Qt5 apps should not use any suffix or prefix
- Qt libraries should probably use a qt- prefix. (eg what is currently
qt5-base, qt5-doc etc should become qt-base, qt-location). Or
alternatively, no prefix at all and use upstream naming scheme
(qtbase, qtlocation, ...)

Thoughts?


J. Leclanche

From letter at openmailbox.org  Fri Apr 18 08:35:37 2014
From: letter at openmailbox.org (message)
Date: Fri, 18 Apr 2014 12:35:37 +0000
Subject: [arch-general] ibm java installation path environment
Message-ID: <5ce335a6f3c8306fa79c751c98e9271a@openmailbox.org>

Readers,

IBM Java was installed into the directory 'usr/local':

$ /usr/local/java/jre/bin/java -version
java version "1.8.0"
Java(TM) SE Runtime Environment (build pxi3280ea-20130422_01)
IBM J9 VM (build 2.7, JRE 1.8.0 Linux x86-32 20130419_145797 (JIT 
enabled, AOT enabled)
J9VM - R27_Java827_Beta_3_20130419_2138_B145797
JIT  - r13.b02_20130419_36653
GC   - R27_Java827_Beta_3_20130419_2138_B145797
J9CL - 20130419_145797)
JCL - 20130410_01 based on Oracle jdk8-b80

The file 'bashrc' was edited:

GNU nano 2.2.6              File: ./.bashrc

# .bashrc

# User specific aliases and functions

# Source global definitions
if [ -f /etc/bashrc ]; then
         . /etc/bashrc
fi
export PATH=$PATH:/usr/local/bin
export JAVA_HOME=/usr/local/java/jre/bin/java

After saving the bashrc file, sign-out and sign-in, the java program is 
not accessible via command terminal 'java -version', the entire path has 
to be entered.

What is my mistake please?

From heikobecker92 at gmail.com  Fri Apr 18 08:42:40 2014
From: heikobecker92 at gmail.com (Heiko Becker)
Date: Fri, 18 Apr 2014 14:42:40 +0200
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <5ce335a6f3c8306fa79c751c98e9271a@openmailbox.org>
References: <5ce335a6f3c8306fa79c751c98e9271a@openmailbox.org>
Message-ID: <CAPJKY2UPGUQ0m-hehK=PALVv2wvN6wnB-8NQ6XxM0fSEcrSpXQ@mail.gmail.com>

Am 18.04.2014 14:35 schrieb "message" <letter at openmailbox.org>:
>
> Readers,
>
> IBM Java was installed into the directory 'usr/local':
>
> $ /usr/local/java/jre/bin/java -version
> java version "1.8.0"
> Java(TM) SE Runtime Environment (build pxi3280ea-20130422_01)
> IBM J9 VM (build 2.7, JRE 1.8.0 Linux x86-32 20130419_145797 (JIT
enabled, AOT enabled)
> J9VM - R27_Java827_Beta_3_20130419_2138_B145797
> JIT  - r13.b02_20130419_36653
> GC   - R27_Java827_Beta_3_20130419_2138_B145797
> J9CL - 20130419_145797)
> JCL - 20130410_01 based on Oracle jdk8-b80
>
> The file 'bashrc' was edited:
>
> GNU nano 2.2.6              File: ./.bashrc
>
> # .bashrc
>
> # User specific aliases and functions
>
> # Source global definitions
> if [ -f /etc/bashrc ]; then
>         . /etc/bashrc
> fi
> export PATH=$PATH:/usr/local/bin
> export JAVA_HOME=/usr/local/java/jre/bin/java
>
> After saving the bashrc file, sign-out and sign-in, the java program is
not accessible via command terminal 'java -version', the entire path has to
be entered.
>
> What is my mistake please?

Hey,

maybe you should try to also add the path to IBM Java to your path
variable. Because only then it can be recognized.

Best regards,

Heiko Becker

From letter at openmailbox.org  Fri Apr 18 14:23:53 2014
From: letter at openmailbox.org (message)
Date: Fri, 18 Apr 2014 18:23:53 +0000
Subject: [arch-general] sound in gnome, none in xfce
In-Reply-To: <mailman.565.1397426021.3663.arch-general@archlinux.org>
References: <mailman.565.1397426021.3663.arch-general@archlinux.org>
Message-ID: <f4daed5d7060a10b1a4740f8d95655b8@openmailbox.org>

On 2014-04-13 21:53, arch-general-request at archlinux.org wrote:
> ------------------------------
> 
> Message: 6
> Date: Sun, 13 Apr 2014 23:06:29 +0200
> From: Bjoern Franke <bjo at nord-west.org>
> Subject: Re: [arch-general] sound in gnome, none in xfce
> 
> Am 13.04.2014 22:55, schrieb message:
>> Readers,
>> 
>> In gnome, sound is enabled and can be adjusted via the keyboard 
>> function
>> keys (e.g. fn + ^). This doesn't work in xfce. What is the cause in 
>> this
>> different behaviour and any ideas how to solve please?
>> 
> 
> Next time read the docs:
> https://wiki.archlinux.org/index.php/Xfce#Keyboard_Volume_Buttons
> 

After following the instructions, received an error dialogue window:

"Failed to launch shortcut "XF86AudioRaiseVolume"
Failed to execute child process "amixer" (No such file or directory)"

The sound is enabled when starting the 'audio mixer' (alsamixer) 
graphical tool and adjusting sound using the mouse.

From killruana at gmail.com  Fri Apr 18 14:59:26 2014
From: killruana at gmail.com (killruana)
Date: Fri, 18 Apr 2014 20:59:26 +0200
Subject: [arch-general] sound in gnome, none in xfce
In-Reply-To: <f4daed5d7060a10b1a4740f8d95655b8@openmailbox.org>
References: <mailman.565.1397426021.3663.arch-general@archlinux.org>
 <f4daed5d7060a10b1a4740f8d95655b8@openmailbox.org>
Message-ID: <b68fffee-2486-48e9-953f-99696d991cf3@email.android.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

You need to install alsa-utils who provides amixer.

On 18 avril 2014 20:23:53 CEST, message <letter at openmailbox.org> wrote:
>On 2014-04-13 21:53, arch-general-request at archlinux.org wrote:
>> ------------------------------
>>
>> Message: 6
>> Date: Sun, 13 Apr 2014 23:06:29 +0200
>> From: Bjoern Franke <bjo at nord-west.org>
>> Subject: Re: [arch-general] sound in gnome, none in xfce
>>
>> Am 13.04.2014 22:55, schrieb message:
>>> Readers,
>>>
>>> In gnome, sound is enabled and can be adjusted via the keyboard
>>> function
>>> keys (e.g. fn + ^). This doesn't work in xfce. What is the cause in
>>> this
>>> different behaviour and any ideas how to solve please?
>>>
>>
>> Next time read the docs:
>> https://wiki.archlinux.org/index.php/Xfce#Keyboard_Volume_Buttons
>>
>
>After following the instructions, received an error dialogue window:
>
>"Failed to launch shortcut "XF86AudioRaiseVolume"
>Failed to execute child process "amixer" (No such file or directory)"
>
>The sound is enabled when starting the 'audio mixer' (alsamixer)
>graphical tool and adjusting sound using the mouse.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1

iQE9BAEBCgAnBQJTUXYOIBxraWxscnVhbmEgPGtpbGxydWFuYUBnbWFpbC5jb20+
AAoJEE/WP7BWVVPi01sH/3lIA4GrZG1CjWC/Ac4CGLu7dA7gUqzXY6EEgXFP6XyC
L0GLJHmRPIwosnQsQnrH+EN8D4b3sYD7BlCRNoo0SQgLUDsxMpt62zWmLS7onKth
q4JrQzMq6wGJuqavk1oNQvnJqRW7rReHtf+v8/kwp3IO+iFOlQFYkyfJ+I8ZbgyR
FhJcOS0bODRDcbKo5N6fK12EcasCuXAniinCeduqnoBM/Yt/5UAw60N2Clsf1PLr
WrvEpeXJCUjYbdmlKH7uyQ7UdKBPh1I/WBH136S2Gn/ehaGWrBiULjzqNRd+gY1a
Od+kR21F6WJVwt3r3DOmxdx4M2MwpGLokVFWrB34qLk=
=ugYI
-----END PGP SIGNATURE-----


From schaefer at trilug.org  Fri Apr 18 17:40:25 2014
From: schaefer at trilug.org (Carl Schaefer)
Date: Fri, 18 Apr 2014 17:40:25 -0400
Subject: [arch-general] lxc: systemd-udev-trigger resets host kbd & mouse
	settings
Message-ID: <1397857225.31192.58.camel@wot>

I've just started playing with lxc, and found that if I create a
container with:

# lxc-create -n arch -t archlinux

and then start it:

# lxc-start -n arch

it resets my X keyboard map and mouse acceleration settings (which are
set by setxkbmap/xset/xinput), though mouse button remapping done by
xmodmap is not affected.

I tracked it as far as the execution of:

  /usr/bin/udevadm trigger --type=devices --action=add

in /usr/lib/systemd/system/systemd-udev-trigger.service, which seems to
write "add" to most of the "uevent" files under /sys/devices.  I don't
know the reason for this, especially in a container, but disabling the
whole udev trigger service in the container keeps the host X input
settings intact without breaking anything obvious in the container (and
the container boots a lot faster now, too).

I'd appreciate any thoughts on what systemd-udev-trigger is doing,
whether it's appropriate in a container, and if there's a better way to
keep a container from changing X input settings on the host.
Carl

From danielmicay at gmail.com  Fri Apr 18 17:45:09 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Fri, 18 Apr 2014 17:45:09 -0400
Subject: [arch-general] lxc: systemd-udev-trigger resets host kbd &
 mouse settings
In-Reply-To: <1397857225.31192.58.camel@wot>
References: <1397857225.31192.58.camel@wot>
Message-ID: <53519CE5.40904@gmail.com>

On 18/04/14 05:40 PM, Carl Schaefer wrote:
> I've just started playing with lxc, and found that if I create a
> container with:
> 
> # lxc-create -n arch -t archlinux
> 
> and then start it:
> 
> # lxc-start -n arch
> 
> it resets my X keyboard map and mouse acceleration settings (which are
> set by setxkbmap/xset/xinput), though mouse button remapping done by
> xmodmap is not affected.
> 
> I tracked it as far as the execution of:
> 
>   /usr/bin/udevadm trigger --type=devices --action=add
> 
> in /usr/lib/systemd/system/systemd-udev-trigger.service, which seems to
> write "add" to most of the "uevent" files under /sys/devices.  I don't
> know the reason for this, especially in a container, but disabling the
> whole udev trigger service in the container keeps the host X input
> settings intact without breaking anything obvious in the container (and
> the container boots a lot faster now, too).
> 
> I'd appreciate any thoughts on what systemd-udev-trigger is doing,
> whether it's appropriate in a container, and if there's a better way to
> keep a container from changing X input settings on the host.
> Carl

Do you have these issues with systemd-nspawn?

mkdir container && pacstrap -cd base container
systemd-nspawn -bD container

Containers are not yet completely solid. One of the most notable flaws
is the complete lack of namespacing for the cgroup filesystem. These
kind of things are worked around by systemd via various hacks, so
perhaps lxc is missing something.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140418/2cb385d1/attachment.asc>

From enwukaer at gmail.com  Fri Apr 18 21:06:00 2014
From: enwukaer at gmail.com (Nowaker)
Date: Sat, 19 Apr 2014 03:06:00 +0200
Subject: [arch-general] [arch-dev-public] providing grsecurity in
	[community]
In-Reply-To: <5351C02E.1080505@archlinux.org>
References: <534E0293.5000700@gmail.com>
 <CAG-2HqXVpL2Ag2g7uOu==2AAaXyuttBOZMq8kv1oOdmGncn7oQ@mail.gmail.com>
 <5351C02E.1080505@archlinux.org>
Message-ID: <5351CBF8.1020100@gmail.com>

My reply to the arch-dev-public discussion.

> I'd say an unofficial repo is the way to go for the time being.
> linux-grsec in the AUR only has 44 votes, so it is not screaming out for
> inclusion in the repos.

Alan, please also include 64 votes for AppArmor and 19 for SELinux. It 
sums up to 127. As Daniel said, everyone will be happy to drop their 
AppArmors and SELinuxes to whatever the official repo will provide.

Anyway, votes have rarely been a reason for moving packages from AUR 
into community. It seems we are now facing a situation where the number 
of votes is a hard requirement for the package to make its way into 
community. It has never been a case, and I hope it doesn't happen now. 
Some TU is interested in maintaining linux-grsec, it won't affect 
anybody else he claims, so I don't see what the big deal is.

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From schaefer at trilug.org  Fri Apr 18 23:17:23 2014
From: schaefer at trilug.org (Carl Schaefer)
Date: Fri, 18 Apr 2014 23:17:23 -0400
Subject: [arch-general] lxc: systemd-udev-trigger resets host kbd &
 mouse settings
In-Reply-To: <53519CE5.40904@gmail.com>
References: <1397857225.31192.58.camel@wot> <53519CE5.40904@gmail.com>
Message-ID: <1397877443.31192.76.camel@wot>

On Fri, 2014-04-18 at 17:45 -0400, Daniel Micay wrote:
> On 18/04/14 05:40 PM, Carl Schaefer wrote:
> > I've just started playing with lxc, and found that if I create a
> > container with:
> > 
> > # lxc-create -n arch -t archlinux
> > 
> > and then start it:
> > 
> > # lxc-start -n arch
> > 
> > it resets my X keyboard map and mouse acceleration settings (which are
> > set by setxkbmap/xset/xinput), though mouse button remapping done by
> > xmodmap is not affected.
> > 
> > I tracked it as far as the execution of:
> > 
> >   /usr/bin/udevadm trigger --type=devices --action=add
> > 
> > in /usr/lib/systemd/system/systemd-udev-trigger.service, which seems to
> > write "add" to most of the "uevent" files under /sys/devices.  I don't
> > know the reason for this, especially in a container, but disabling the
> > whole udev trigger service in the container keeps the host X input
> > settings intact without breaking anything obvious in the container (and
> > the container boots a lot faster now, too).
> > 
> > I'd appreciate any thoughts on what systemd-udev-trigger is doing,
> > whether it's appropriate in a container, and if there's a better way to
> > keep a container from changing X input settings on the host.
> > Carl
> 
> Do you have these issues with systemd-nspawn?

no, systemd-nspawn does not reset host X input settings; the nspawn
container makes /sys read-only, so "udevadm trigger" in the container
can't succeed, and in fact the unit file's condition keeps it from even
trying: 

nspawn# systemctl status systemd-udev-trigger
* systemd-udev-trigger.service - udev Coldplug all Devices
   Loaded: loaded (/usr/lib/systemd/system/systemd-udev-trigger.service; static)
   Active: inactive (dead)
           start condition failed at Fri 2014-04-18 20:21:24 EDT; 28s ago
           ConditionPathIsReadWrite=/sys was not met

> Containers are not yet completely solid. One of the most notable flaws
> is the complete lack of namespacing for the cgroup filesystem. These
> kind of things are worked around by systemd via various hacks, so
> perhaps lxc is missing something.

I agree it seems something is missing, but I'm less clear about what &
from where...  :-)
Carl

From letter at openmailbox.org  Sat Apr 19 04:35:16 2014
From: letter at openmailbox.org (message)
Date: Sat, 19 Apr 2014 08:35:16 +0000
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <5ce335a6f3c8306fa79c751c98e9271a@openmailbox.org>
References: <5ce335a6f3c8306fa79c751c98e9271a@openmailbox.org>
Message-ID: <5357f6bfabd10f87b51e861c81bb9b7d@openmailbox.org>

On 2014-04-18 12:35, message wrote:
> Readers,
> 
> IBM Java was installed into the directory 'usr/local':
> 
> $ /usr/local/java/jre/bin/java -version
> java version "1.8.0"
> Java(TM) SE Runtime Environment (build pxi3280ea-20130422_01)
> IBM J9 VM (build 2.7, JRE 1.8.0 Linux x86-32 20130419_145797 (JIT
> enabled, AOT enabled)
> J9VM - R27_Java827_Beta_3_20130419_2138_B145797
> JIT  - r13.b02_20130419_36653
> GC   - R27_Java827_Beta_3_20130419_2138_B145797
> J9CL - 20130419_145797)
> JCL - 20130410_01 based on Oracle jdk8-b80
> 
> The file 'bashrc' was edited:
> 
> GNU nano 2.2.6              File: ./.bashrc
> 
> # .bashrc
> 
> # User specific aliases and functions
> 
> # Source global definitions
> if [ -f /etc/bashrc ]; then
>         . /etc/bashrc
> fi
> export PATH=$PATH:/usr/local/bin
> export JAVA_HOME=/usr/local/java/jre/bin/java
> 
> After saving the bashrc file, sign-out and sign-in, the java program
> is not accessible via command terminal 'java -version', the entire
> path has to be entered.
> 
> What is my mistake please?

The path was changed to:

export PATH=$PATH:/usr/local/bin:/usr/local/java/jre/bin/java

but the command terminal 'java -version' is not recognised.

From xgdgsc at gmail.com  Sat Apr 19 04:48:58 2014
From: xgdgsc at gmail.com (GSC)
Date: Sat, 19 Apr 2014 16:48:58 +0800
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <5357f6bfabd10f87b51e861c81bb9b7d@openmailbox.org>
References: <5ce335a6f3c8306fa79c751c98e9271a@openmailbox.org>
 <5357f6bfabd10f87b51e861c81bb9b7d@openmailbox.org>
Message-ID: <5352387A.7080801@gmail.com>

On 04/19/2014 04:35 PM, message wrote:
>
> The path was changed to:
>
> export PATH=$PATH:/usr/local/bin:/usr/local/java/jre/bin/java
>
> but the command terminal 'java -version' is not recognised.
export PATH=$PATH:/usr/local/java/jre/bin/

From letter at openmailbox.org  Sat Apr 19 05:27:14 2014
From: letter at openmailbox.org (message)
Date: Sat, 19 Apr 2014 09:27:14 +0000
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <mailman.1038.1397824963.3663.arch-general@archlinux.org>
References: <mailman.1038.1397824963.3663.arch-general@archlinux.org>
Message-ID: <8cb126f0d7910e25760fa5e3e60f1def@openmailbox.org>

On 2014-04-18 12:42, arch-general-request at archlinux.org wrote:
> ------------------------------
> 
> Message: 8
> Date: Fri, 18 Apr 2014 14:42:40 +0200
> From: Heiko Becker <heikobecker92 at gmail.com>
> Subject: Re: [arch-general] ibm java installation path environment
> 
> Am 18.04.2014 14:35 schrieb "message" <letter at openmailbox.org>:
>> 
>> Readers,
>> 
>> IBM Java was installed into the directory 'usr/local':
>> 
>> $ /usr/local/java/jre/bin/java -version
>> java version "1.8.0"
>> Java(TM) SE Runtime Environment (build pxi3280ea-20130422_01)
>> IBM J9 VM (build 2.7, JRE 1.8.0 Linux x86-32 20130419_145797 (JIT
> enabled, AOT enabled)
>> J9VM - R27_Java827_Beta_3_20130419_2138_B145797
>> JIT  - r13.b02_20130419_36653
>> GC   - R27_Java827_Beta_3_20130419_2138_B145797
>> J9CL - 20130419_145797)
>> JCL - 20130410_01 based on Oracle jdk8-b80
>> 
>> The file 'bashrc' was edited:
>> 
>> GNU nano 2.2.6              File: ./.bashrc
>> 
>> # .bashrc
>> 
>> # User specific aliases and functions
>> 
>> # Source global definitions
>> if [ -f /etc/bashrc ]; then
>>         . /etc/bashrc
>> fi
>> export PATH=$PATH:/usr/local/bin
>> export JAVA_HOME=/usr/local/java/jre/bin/java
>> 

It is correct to add multiple paths to the export PATH command:

export PATH=$PATH:/usr/local/bin:/usr/local/java/jre/bin/java

--
digest-mode subscriber; please cc to maintain message thread

From letter at openmailbox.org  Sat Apr 19 05:28:17 2014
From: letter at openmailbox.org (message)
Date: Sat, 19 Apr 2014 09:28:17 +0000
Subject: [arch-general] eye candy wall paper
Message-ID: <bafd0a999419aa47675cacf8ae6d76f1@openmailbox.org>

Readers,

For those interested, someone has published some nice gnu/linux logos 
wallpaper, including Archlinux: https://dspora.org/posts/53049

From xgdgsc at gmail.com  Sat Apr 19 06:30:03 2014
From: xgdgsc at gmail.com (GSC)
Date: Sat, 19 Apr 2014 18:30:03 +0800
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <8cb126f0d7910e25760fa5e3e60f1def@openmailbox.org>
References: <mailman.1038.1397824963.3663.arch-general@archlinux.org>
 <8cb126f0d7910e25760fa5e3e60f1def@openmailbox.org>
Message-ID: <5352502B.6030902@gmail.com>

Then you shouldn' t be using archlinux.

From lorenzo.bandieri at gmail.com  Sat Apr 19 06:39:20 2014
From: lorenzo.bandieri at gmail.com (Lorenzo Bandieri)
Date: Sat, 19 Apr 2014 12:39:20 +0200
Subject: [arch-general] How to track packages dropped from the repos?
Message-ID: <CABqumk8sND03589W1z=2meLjM9-R5T84Zc=vK5YaDxhQxj1yrw@mail.gmail.com>

Hi list,

Sometimes packages are silently dropped from the repos. This happened
for example in the last few days with mash 0.2.0-3, which apparently I
installed as a dependency for gnome (I guess it is no longer
required). I follow arch-general, arch-dev-public and aur-general, and
as far as I know, this change wasn't announced in any of these lists.
I recall other examples in the last 2-3 years (this is roughly the
time I've used arch consistently), but now I don't remember the
packages involved.

Currently I try to keep track of these changes by running e.g. "pacman
-Qm" and "pacman -Qdt" once in a while, so it's no big deal. However,
I think it would be interesting to know from a more "official" channel
when a package is dropped and why. This would allow users to be aware
of the change and decide whether the package is still needed (and act
accordingly, e.g. if the package is dropped to AUR, one could
subscribe to comments or check for updates) or can be safely
uninstalled.

I searched without finding anything decisive (e.g. these threads [1]
[2] suggest possible workarounds in the form of scripts). I wonder if
better methods to track dropped packages exist; if not, would it be
feasible to implement a solution, e.g. a list where dropped packages
are announced, similar to "last rites" in gentoo?

Thanks for your time,

Lorenzo

[1] https://bbs.archlinux.org/viewtopic.php?id=147574
[2] https://bbs.archlinux.org/viewtopic.php?id=125665

From mike.cloaked at gmail.com  Sat Apr 19 06:54:08 2014
From: mike.cloaked at gmail.com (Mike Cloaked)
Date: Sat, 19 Apr 2014 11:54:08 +0100
Subject: [arch-general] KDE update and baloo
In-Reply-To: <53502CA4.4050800@sapience.com>
References: <534FD307.2060400@sapience.com>
 <CAFa9FQtCYNjdqmXgMH19ffUD1=W5v+yGjG3crJN1eDegigpCDA@mail.gmail.com>
 <53502CA4.4050800@sapience.com>
Message-ID: <CAOCAAm4gyJKnBP6BcrFUY1RTeHt9zut9cJZJDfJR8_EyaLY6fw@mail.gmail.com>

On Thu, Apr 17, 2014 at 8:33 PM, Genes Lists <lists at sapience.com> wrote:

> On 04/17/2014 10:37 AM, Lukas Jirkovsky wrote:
>
>>
>> Is it with KDE PIM? I remember a discussion in the release ML that
>> baloo was somewhat broken in PIM. I dunno if that was fixed or not.
>>
>>  No not using PIM. I killed off all the baloo processes - short term
> fix.There really should be an off button on this kind of thing.
>

What I found is after runing the current pacman update, then I did the
following. Logout and back in to kde. Then once logged back in went to the
kde system settings and into Desktop Search, and simply add the user home
directory to the list not to search.  Apply the changed setting, and then
logout and back in (there was a slight delay to the logout process at this
point due to the initial baloo processes running but I just waited out the
half minute or so till it logged out). There was be a baloo file cleaner
process running when I logged back in, which on my machines seemed to run
for a few minutes only, and then stop. At that point if I checked the file:

$ cat .kde4/share/config/baloofilerc
and found that at the top that there were already the lines:
[Basic Settings]
Indexing-Enabled=false

[General]
several other lines after this.....

At that point baloo quietened down and there were no further issues with
baloo but I guess you need to have a little patience during the initial
running of the processes mentioned above, so it is a short term issue only.

I have seen a gentoo thread which suggests that allowing baloo to index
email does give a very efficient search even for tens of thousands of
mails, but of course the initial indexing process does take a little time
and CPU cycles for several minutes depending on how many directories and
files are in the mail area - but once that is complete then it is suggested
that it works extremely well.

-- 
mike c

From camenschic at gmail.com  Sat Apr 19 07:42:16 2014
From: camenschic at gmail.com (D C)
Date: Sat, 19 Apr 2014 07:42:16 -0400
Subject: [arch-general] eye candy wall paper
In-Reply-To: <bafd0a999419aa47675cacf8ae6d76f1@openmailbox.org>
References: <bafd0a999419aa47675cacf8ae6d76f1@openmailbox.org>
Message-ID: <CAK+x9t=Kpzhvf4EwHwD3BPH-jYGTEPCLpyAQ3608d2kbthxc3w@mail.gmail.com>

Very nice!


On Sat, Apr 19, 2014 at 5:28 AM, message <letter at openmailbox.org> wrote:

> Readers,
>
> For those interested, someone has published some nice gnu/linux logos
> wallpaper, including Archlinux: https://dspora.org/posts/53049
>

From letter at openmailbox.org  Sat Apr 19 07:47:21 2014
From: letter at openmailbox.org (message)
Date: Sat, 19 Apr 2014 11:47:21 +0000
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <mailman.1117.1397896521.3663.arch-general@archlinux.org>
References: <mailman.1117.1397896521.3663.arch-general@archlinux.org>
Message-ID: <7c1f2546ec87033cb87aeaf6a1a37515@openmailbox.org>

On 2014-04-19 08:35, arch-general-request at archlinux.org wrote:
> ------------------------------
> 
> Message: 7
> Date: Sat, 19 Apr 2014 08:35:16 +0000
> From: message <letter at openmailbox.org>
> Subject: Re: [arch-general] ibm java installation path environment
> 
> On 2014-04-18 12:35, message wrote:
>> Readers,
>> 
>> IBM Java was installed into the directory 'usr/local':
>> 
>> $ /usr/local/java/jre/bin/java -version
>> java version "1.8.0"
>> Java(TM) SE Runtime Environment (build pxi3280ea-20130422_01)
>> IBM J9 VM (build 2.7, JRE 1.8.0 Linux x86-32 20130419_145797 (JIT
>> enabled, AOT enabled)
>> J9VM - R27_Java827_Beta_3_20130419_2138_B145797
>> JIT  - r13.b02_20130419_36653
>> GC   - R27_Java827_Beta_3_20130419_2138_B145797
>> J9CL - 20130419_145797)
>> JCL - 20130410_01 based on Oracle jdk8-b80
>> 
>> The file 'bashrc' was edited:
>> 
>> GNU nano 2.2.6              File: ./.bashrc
>> 
>> # .bashrc
>> 
>> # User specific aliases and functions
>> 
>> # Source global definitions
>> if [ -f /etc/bashrc ]; then
>>         . /etc/bashrc
>> fi
>> export PATH=$PATH:/usr/local/bin
>> export JAVA_HOME=/usr/local/java/jre/bin/java
>> 
>> After saving the bashrc file, sign-out and sign-in, the java program
>> is not accessible via command terminal 'java -version', the entire
>> path has to be entered.
>> 
>> What is my mistake please?
> 
> The path was changed to:
> 
> export PATH=$PATH:/usr/local/bin:/usr/local/java/jre/bin/java
> 
> but the command terminal 'java -version' is not recognised.
> 

java recognition fails after change of the file and sign-out, sign-in:

# .bashrc

# User specific aliases and functions

# Source global definitions
if [ -f /etc/bashrc ]; then
         . /etc/bashrc
fi
export PATH=$PATH:/usr/local/java/jre/bin/java
export JAVA_HOME=/usr/local/java/jre/bin/java

Any other advice please?

--
digest-mode subscriber; please cc to maintain message thread

From matze5800 at gmail.com  Sat Apr 19 08:07:25 2014
From: matze5800 at gmail.com (Simon Matzeder)
Date: Sat, 19 Apr 2014 14:07:25 +0200
Subject: [arch-general] eye candy wall paper
In-Reply-To: <CAK+x9t=Kpzhvf4EwHwD3BPH-jYGTEPCLpyAQ3608d2kbthxc3w@mail.gmail.com>
References: <bafd0a999419aa47675cacf8ae6d76f1@openmailbox.org>
 <CAK+x9t=Kpzhvf4EwHwD3BPH-jYGTEPCLpyAQ3608d2kbthxc3w@mail.gmail.com>
Message-ID: <CAC8_z56vgLUeBZbkTugOjdeO9mE9ugSxL5=6_Y5q1zghbTgiYw@mail.gmail.com>

Thanks for suggesting those, really nice work! :)

From gavcos at gmail.com  Sat Apr 19 08:07:39 2014
From: gavcos at gmail.com (Gavin Costello)
Date: Sat, 19 Apr 2014 14:07:39 +0200
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <5357f6bfabd10f87b51e861c81bb9b7d@openmailbox.org>
References: <5ce335a6f3c8306fa79c751c98e9271a@openmailbox.org>
 <5357f6bfabd10f87b51e861c81bb9b7d@openmailbox.org>
Message-ID: <20140419120739.GA10764@gmail.com>

On 19-04-2014 08.35, message wrote:
> The path was changed to:
> 
> export PATH=$PATH:/usr/local/bin:/usr/local/java/jre/bin/java
> 
> but the command terminal 'java -version' is not recognised.
---end quoted text---

Hello,

Try this:
export PATH=$PATH:/usr/local/bin:/usr/local/java/jre

Perhaps you would be more comfortable with another distribution like
Ubuntu?

HTH,

Gavin.
-- 
Gavin Costello
gavcos at gmail.com

From gavcos at gmail.com  Sat Apr 19 08:10:08 2014
From: gavcos at gmail.com (Gavin Costello)
Date: Sat, 19 Apr 2014 14:10:08 +0200
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <5357f6bfabd10f87b51e861c81bb9b7d@openmailbox.org>
References: <5ce335a6f3c8306fa79c751c98e9271a@openmailbox.org>
 <5357f6bfabd10f87b51e861c81bb9b7d@openmailbox.org>
Message-ID: <20140419121008.GB10764@gmail.com>

On 19-04-2014 08.35, message wrote:
> The path was changed to:
> 
> export PATH=$PATH:/usr/local/bin:/usr/local/java/jre/bin/java
> 
> but the command terminal 'java -version' is not recognised.
---end quoted text---

Sorry, what I meant to say was this:

export JAVA_HOME=/usr/local/java/jre
export PATH=$PATH:$JAVA_HOME/bin

Regards,

Gavin.
-- 
Gavin Costello
gavcos at gmail.com

From bebe at bebehei.de  Sat Apr 19 09:57:29 2014
From: bebe at bebehei.de (Benedikt Heine)
Date: Sat, 19 Apr 2014 15:57:29 +0200
Subject: [arch-general] eye candy wall paper
In-Reply-To: <CAC8_z56vgLUeBZbkTugOjdeO9mE9ugSxL5=6_Y5q1zghbTgiYw@mail.gmail.com>
References: <bafd0a999419aa47675cacf8ae6d76f1@openmailbox.org>
 <CAK+x9t=Kpzhvf4EwHwD3BPH-jYGTEPCLpyAQ3608d2kbthxc3w@mail.gmail.com>
 <CAC8_z56vgLUeBZbkTugOjdeO9mE9ugSxL5=6_Y5q1zghbTgiYw@mail.gmail.com>
Message-ID: <c479488e6a82ffdacf4b157189bd95d9@bread.b3be.de>

Thanks for the link, I really enjoy this Arch-artwork. I just want to 
annotate , that the author of this artwork has got much more on his own 
website at https://media.jpope.org/

Cheers,
bebe

From letter at openmailbox.org  Sat Apr 19 11:02:51 2014
From: letter at openmailbox.org (message)
Date: Sat, 19 Apr 2014 15:02:51 +0000
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
References: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
Message-ID: <9e7006d77d19cc97bb3f01e44983c90c@openmailbox.org>

On 2014-04-19 11:47, arch-general-request at archlinux.org wrote:
> 
> ------------------------------
> 
> Message: 8
> Date: Sat, 19 Apr 2014 11:47:21 +0000
> From: message <letter at openmailbox.org>
> Subject: Re: [arch-general] ibm java installation path environment
>>> 
>>> IBM Java was installed into the directory 'usr/local':
>>> 
>>> $ /usr/local/java/jre/bin/java -version
>>> java version "1.8.0"
>>> Java(TM) SE Runtime Environment (build pxi3280ea-20130422_01)
>>> IBM J9 VM (build 2.7, JRE 1.8.0 Linux x86-32 20130419_145797 (JIT
>>> enabled, AOT enabled)
>>> J9VM - R27_Java827_Beta_3_20130419_2138_B145797
>>> JIT  - r13.b02_20130419_36653
>>> GC   - R27_Java827_Beta_3_20130419_2138_B145797
>>> J9CL - 20130419_145797)
>>> JCL - 20130410_01 based on Oracle jdk8-b80
>>> 
>>> The file 'bashrc' was edited:
>>> 
>>> GNU nano 2.2.6              File: ./.bashrc
>>> 
>>> # .bashrc
>>> 
>>> # User specific aliases and functions
>>> 
>>> # Source global definitions
>>> if [ -f /etc/bashrc ]; then
>>>         . /etc/bashrc
>>> fi
>>> export PATH=$PATH:/usr/local/bin
>>> export JAVA_HOME=/usr/local/java/jre/bin/java
>>> 
>>> After saving the bashrc file, sign-out and sign-in, the java program
>>> is not accessible via command terminal 'java -version', the entire
>>> path has to be entered.
>>> 
>>> What is my mistake please?
>> 
>> The path was changed to:
>> 
>> export PATH=$PATH:/usr/local/bin:/usr/local/java/jre/bin/java
>> 
>> but the command terminal 'java -version' is not recognised.
>> 
> 
> java recognition fails after change of the file and sign-out, sign-in:
> 
> # .bashrc
> 
> # User specific aliases and functions
> 
> # Source global definitions
> if [ -f /etc/bashrc ]; then
>          . /etc/bashrc
> fi
> export PATH=$PATH:/usr/local/java/jre/bin/java
> export JAVA_HOME=/usr/local/java/jre/bin/java
> 

Have also tried:

...
export PATH=$PATH:$JAVA_HOME/bin
export JAVA_HOME=/usr/local/java/jre

but also unsuccessful recognition of the java command.

From xgdgsc at gmail.com  Sat Apr 19 11:23:15 2014
From: xgdgsc at gmail.com (GSC)
Date: Sat, 19 Apr 2014 23:23:15 +0800
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <9e7006d77d19cc97bb3f01e44983c90c@openmailbox.org>
References: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
 <9e7006d77d19cc97bb3f01e44983c90c@openmailbox.org>
Message-ID: <535294E3.9080305@gmail.com>

On 2014?04?19? 23:02, message wrote:
>
> Have also tried:
>
> ...
> export PATH=$PATH:$JAVA_HOME/bin
> export JAVA_HOME=/usr/local/java/jre
>
> but also unsuccessful recognition of the java command.
Are you joking?

From letter at openmailbox.org  Sat Apr 19 11:36:10 2014
From: letter at openmailbox.org (message)
Date: Sat, 19 Apr 2014 15:36:10 +0000
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
References: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
Message-ID: <c71ed16c985895180c3af7ab4152c1f6@openmailbox.org>

On 2014-04-19 11:47, arch-general-request at archlinux.org wrote:
>> ------------------------------
>> 
>> Message: 7
>> Date: Sat, 19 Apr 2014 08:35:16 +0000
>> From: message <letter at openmailbox.org>
>> Subject: Re: [arch-general] ibm java installation path environment
>> 
>> On 2014-04-18 12:35, message wrote:
>>> Readers,
>>> 
>>> IBM Java was installed into the directory 'usr/local':
>>> 
>>> $ /usr/local/java/jre/bin/java -version
>>> java version "1.8.0"
>>> Java(TM) SE Runtime Environment (build pxi3280ea-20130422_01)
>>> IBM J9 VM (build 2.7, JRE 1.8.0 Linux x86-32 20130419_145797 (JIT
>>> enabled, AOT enabled)
>>> J9VM - R27_Java827_Beta_3_20130419_2138_B145797
>>> JIT  - r13.b02_20130419_36653
>>> GC   - R27_Java827_Beta_3_20130419_2138_B145797
>>> J9CL - 20130419_145797)
>>> JCL - 20130410_01 based on Oracle jdk8-b80
>>> 
>>> The file 'bashrc' was edited:

No joke; latest bashrc edit:

  GNU nano 2.2.6              File: ./.bashrc

# .bashrc

# User specific aliases and functions

# Source global definitions
if [ -f /etc/bashrc ]; then
         . /etc/bashrc
fi
export PATH=$PATH:$JAVA_HOME/bin
export JAVA_HOME=/usr/local/java/jre

In home directory, keyboard 'ja+TAB' (i.e. use unix auto-complete 
function) shows:

$ ja
jack_alias                  jack_monitor_client
jack_bufsize                jack_netsource
jack_connect                jack_property
jack_disconnect             jack_rec
jack_evmon                  jack_samplerate
jack_freewheel              jack_server_control
jack_impulse_grabber        jack_session_notify
jack_iodelay                jack_showtime
jack_latent_client          jack_simple_client
jack_load                   jack_simple_session_client
jack_load_test              jack_transport
jack_lsp                    jack_transport_client
jack_metro                  jack_unload
jack_midi_dump              jack_wait
jack_midiseq                jackd
jack_midisine               jasper

'Java' does not appear in the list above, but java is installed as shown 
originally above.

--
digest-mode subscriber; please cc to maintain message thread

From gdamjan at gmail.com  Sat Apr 19 12:04:28 2014
From: gdamjan at gmail.com (Damjan Georgievski)
Date: Sat, 19 Apr 2014 18:04:28 +0200
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <c71ed16c985895180c3af7ab4152c1f6@openmailbox.org>
References: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
 <c71ed16c985895180c3af7ab4152c1f6@openmailbox.org>
Message-ID: <CAEk1YH57nn4tuQ92vc+wSFHfDA1RXxCPFO66xN9Rg-X_swPvxg@mail.gmail.com>

> export PATH=$PATH:$JAVA_HOME/bin
> export JAVA_HOME=/usr/local/java/jre

This is wrong, you can't use $JAVA_HOME *before* it is set.
Also, you can always check $PATH in a shell with "echo $PATH"

What are contents of /usr/local/java/jre/bin ?

-- 
damjan

From letter at openmailbox.org  Sat Apr 19 12:33:08 2014
From: letter at openmailbox.org (message)
Date: Sat, 19 Apr 2014 16:33:08 +0000
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
References: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
Message-ID: <0f25903585c5253c66f2cb29fc9509b6@openmailbox.org>

On 2014-04-19 11:47, arch-general-request at archlinux.org wrote:
> 
> ------------------------------
> 
> Message: 8
> Date: Sat, 19 Apr 2014 11:47:21 +0000
> From: message <letter at openmailbox.org>
>> 

the bashrc file was changed:

...
export JAVA_HOME=/usr/local/java/jre
export PATH=$PATH:$JAVA_HOME/bin

This solved the problem, my failure to write the export paths in the 
correct order.

$ echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/vendor_perl:/usr/bin/core_perl:/usr/local/java/jre/bin

$ ls /usr/local/java/jre/bin
ControlPanel  j9vm     javad.options  jdmpview	klist	    rmid
classic       java     javaw	      jextract	ktab	    rmiregistry
ikeycmd       java_vm  javaws	      keytool	pack200     tnameserv
ikeyman       javad    jcontrol       kinit	policytool  unpack200

Thank you! :)

From danielmicay at gmail.com  Sat Apr 19 12:54:46 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Sat, 19 Apr 2014 12:54:46 -0400
Subject: [arch-general] lxc: systemd-udev-trigger resets host kbd &
 mouse settings
In-Reply-To: <1397877443.31192.76.camel@wot>
References: <1397857225.31192.58.camel@wot> <53519CE5.40904@gmail.com>
 <1397877443.31192.76.camel@wot>
Message-ID: <5352AA56.8080808@gmail.com>

On 18/04/14 11:17 PM, Carl Schaefer wrote:
> On Fri, 2014-04-18 at 17:45 -0400, Daniel Micay wrote:
>> On 18/04/14 05:40 PM, Carl Schaefer wrote:
>>> I've just started playing with lxc, and found that if I create a
>>> container with:
>>>
>>> # lxc-create -n arch -t archlinux
>>>
>>> and then start it:
>>>
>>> # lxc-start -n arch
>>>
>>> it resets my X keyboard map and mouse acceleration settings (which are
>>> set by setxkbmap/xset/xinput), though mouse button remapping done by
>>> xmodmap is not affected.
>>>
>>> I tracked it as far as the execution of:
>>>
>>>   /usr/bin/udevadm trigger --type=devices --action=add
>>>
>>> in /usr/lib/systemd/system/systemd-udev-trigger.service, which seems to
>>> write "add" to most of the "uevent" files under /sys/devices.  I don't
>>> know the reason for this, especially in a container, but disabling the
>>> whole udev trigger service in the container keeps the host X input
>>> settings intact without breaking anything obvious in the container (and
>>> the container boots a lot faster now, too).
>>>
>>> I'd appreciate any thoughts on what systemd-udev-trigger is doing,
>>> whether it's appropriate in a container, and if there's a better way to
>>> keep a container from changing X input settings on the host.
>>> Carl
>>
>> Do you have these issues with systemd-nspawn?
> 
> no, systemd-nspawn does not reset host X input settings; the nspawn
> container makes /sys read-only, so "udevadm trigger" in the container
> can't succeed, and in fact the unit file's condition keeps it from even
> trying: 
> 
> nspawn# systemctl status systemd-udev-trigger
> * systemd-udev-trigger.service - udev Coldplug all Devices
>    Loaded: loaded (/usr/lib/systemd/system/systemd-udev-trigger.service; static)
>    Active: inactive (dead)
>            start condition failed at Fri 2014-04-18 20:21:24 EDT; 28s ago
>            ConditionPathIsReadWrite=/sys was not met
> 
>> Containers are not yet completely solid. One of the most notable flaws
>> is the complete lack of namespacing for the cgroup filesystem. These
>> kind of things are worked around by systemd via various hacks, so
>> perhaps lxc is missing something.
> 
> I agree it seems something is missing, but I'm less clear about what &
> from where...  :-)
> Carl

AFAIK the /sys filesystem and most (all?) of the submounts are not yet
namespaced. Any cgroup created on the host will be visible in the
container, etc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140419/f4820029/attachment.asc>

From jelle at vdwaa.nl  Sat Apr 19 14:32:34 2014
From: jelle at vdwaa.nl (Jelle van der Waa)
Date: Sat, 19 Apr 2014 20:32:34 +0200
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <535294E3.9080305@gmail.com>
References: <mailman.1130.1397908046.3663.arch-general@archlinux.org>
 <9e7006d77d19cc97bb3f01e44983c90c@openmailbox.org>
 <535294E3.9080305@gmail.com>
Message-ID: <20140419183233.GA28298@gmail.com>

On 04/19/14 at 11:23pm, GSC wrote:
> On 2014?04?19? 23:02, message wrote:
> >
> >Have also tried:
> >
> >...
> >export PATH=$PATH:$JAVA_HOME/bin
> >export JAVA_HOME=/usr/local/java/jre
> >
> >but also unsuccessful recognition of the java command.
> Are you joking?

Why are you using a custom java and not for example aur/jre or the
openjdk packages in the normal repo.

-- 
Jelle van der Waa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140419/ae287c88/attachment.asc>

From m at xbra.de  Sat Apr 19 15:33:56 2014
From: m at xbra.de (=?UTF-8?B?TWF4aW1pbGlhbiBCcsOkdXRpZ2Ft?=)
Date: Sat, 19 Apr 2014 21:33:56 +0200
Subject: [arch-general] How to track packages dropped from the repos?
In-Reply-To: <CABqumk8sND03589W1z=2meLjM9-R5T84Zc=vK5YaDxhQxj1yrw@mail.gmail.com>
References: <CABqumk8sND03589W1z=2meLjM9-R5T84Zc=vK5YaDxhQxj1yrw@mail.gmail.com>
Message-ID: <5352CFA4.6020106@xbra.de>

Am 19.04.2014 12:39, schrieb Lorenzo Bandieri:
> Hi list,
>
> Sometimes packages are silently dropped from the repos. This happened
> for example in the last few days with mash 0.2.0-3, which apparently I
> installed as a dependency for gnome (I guess it is no longer
> required). I follow arch-general, arch-dev-public and aur-general, and
> as far as I know, this change wasn't announced in any of these lists.
> I recall other examples in the last 2-3 years (this is roughly the
> time I've used arch consistently), but now I don't remember the
> packages involved.
>
> Currently I try to keep track of these changes by running e.g. "pacman
> -Qm" and "pacman -Qdt" once in a while, so it's no big deal. However,
> I think it would be interesting to know from a more "official" channel
> when a package is dropped and why. This would allow users to be aware
> of the change and decide whether the package is still needed (and act
> accordingly, e.g. if the package is dropped to AUR, one could
> subscribe to comments or check for updates) or can be safely
> uninstalled.
>
> I searched without finding anything decisive (e.g. these threads [1]
> [2] suggest possible workarounds in the form of scripts). I wonder if
> better methods to track dropped packages exist; if not, would it be
> feasible to implement a solution, e.g. a list where dropped packages
> are announced, similar to "last rites" in gentoo?
>
> Thanks for your time,
>
> Lorenzo
>
> [1] https://bbs.archlinux.org/viewtopic.php?id=147574
> [2] https://bbs.archlinux.org/viewtopic.php?id=125665
>


Hi Lorenzo,

I am using yaourt to track packages from aur (and possibly packages 
moved from official repos to aur). Note, that it is not an official 
peace of software and you should read the wiki carefully. [1]

Best wishes,
Max

[1] https://wiki.archlinux.org/index.php/Yaourt

From blackredtree at gmail.com  Sat Apr 19 16:07:42 2014
From: blackredtree at gmail.com (Chris Moline)
Date: Sat, 19 Apr 2014 14:07:42 -0600
Subject: [arch-general] How do I preserve changes to okular.desktop?
Message-ID: <CAPj_-SDxFs86DO1vzub1h8fp3O-kQAkV1OXWuXOfks+71mPvGg@mail.gmail.com>

Hi, every time I upgrade okular chrome starts opening two instances. One
has a dialong saying it couldn't find '%I' and the other has the document I
want. All I have to do to fix it is to remove %I from the .desktop file.
How do I preserve this change across upgrades? Alternatively, how do I get
the '%I' to be expanded properly?

Sorry if this is asked a lot. My search-fu was not up to the task.

From krejzi at email.com  Sat Apr 19 16:12:29 2014
From: krejzi at email.com (Armin K.)
Date: Sat, 19 Apr 2014 22:12:29 +0200
Subject: [arch-general] How do I preserve changes to okular.desktop?
In-Reply-To: <CAPj_-SDxFs86DO1vzub1h8fp3O-kQAkV1OXWuXOfks+71mPvGg@mail.gmail.com>
References: <CAPj_-SDxFs86DO1vzub1h8fp3O-kQAkV1OXWuXOfks+71mPvGg@mail.gmail.com>
Message-ID: <5352D8AD.9020206@email.com>

On 04/19/2014 10:07 PM, Chris Moline wrote:
> Hi, every time I upgrade okular chrome starts opening two instances. One
> has a dialong saying it couldn't find '%I' and the other has the document I
> want. All I have to do to fix it is to remove %I from the .desktop file.
> How do I preserve this change across upgrades? Alternatively, how do I get
> the '%I' to be expanded properly?
> 
> Sorry if this is asked a lot. My search-fu was not up to the task.
> 

Have you tried putting it in ~/.local/share/applications ?

-- 
Note: My last name is not Krejzi.

From fsckdaemon at gmail.com  Sat Apr 19 18:05:53 2014
From: fsckdaemon at gmail.com (fsckd)
Date: Sat, 19 Apr 2014 18:05:53 -0400
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
In-Reply-To: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
References: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
Message-ID: <5352f346.4e0ce00a.2208.444f@mx.google.com>

Class is over. :) Those of you who missed it, don't worry. Logs are available.

9:30 UTC class
https://archwomen.org/media/project_classroom/classlogs/2014-04-19-pkgbuilds_09%3a30-UTC.txt

16:00 UTC class
https://archwomen.org/media/project_classroom/classlogs/2014-04-19-pkgbuilds_16%3a00-UTC.txt

Regards,
fsckd

From silverone at us4clan.net  Sat Apr 19 20:27:20 2014
From: silverone at us4clan.net (Humberto "SilverOne" Carvalho)
Date: Sun, 20 Apr 2014 01:27:20 +0100
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
In-Reply-To: <5352f346.4e0ce00a.2208.444f@mx.google.com>
References: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
 <5352f346.4e0ce00a.2208.444f@mx.google.com>
Message-ID: <53531468.7050701@us4clan.net>

Hey,

Unfortunately I couldn't be there but thank you for the logs, I'll take
a look.

Looking forward to seeing more.

Best Regards,
Humberto Carvalho

On 04/19/2014 11:05 PM, fsckd wrote:
> Class is over. :) Those of you who missed it, don't worry. Logs are
> available.
> 
> 9:30 UTC class
> https://archwomen.org/media/project_classroom/classlogs/2014-04-19-pkgbuilds_09%3a30-UTC.txt
> 
> 
> 16:00 UTC class
> https://archwomen.org/media/project_classroom/classlogs/2014-04-19-pkgbuilds_16%3a00-UTC.txt
> 
> 
> Regards,
> fsckd

From karol.blazewicz at gmail.com  Sun Apr 20 08:54:09 2014
From: karol.blazewicz at gmail.com (Karol Blazewicz)
Date: Sun, 20 Apr 2014 14:54:09 +0200
Subject: [arch-general] How to track packages dropped from the repos?
In-Reply-To: <5352CFA4.6020106@xbra.de>
References: <CABqumk8sND03589W1z=2meLjM9-R5T84Zc=vK5YaDxhQxj1yrw@mail.gmail.com>
 <5352CFA4.6020106@xbra.de>
Message-ID: <CAO0v=MND0DLFKoJLknhNirTR1YXT4kW8Soqnf4_32DUCAyV3NA@mail.gmail.com>

On Sat, Apr 19, 2014 at 9:33 PM, Maximilian Br?utigam <m at xbra.de> wrote:
> Am 19.04.2014 12:39, schrieb Lorenzo Bandieri:
>
>> Hi list,
>>
>> Sometimes packages are silently dropped from the repos. This happened
>> for example in the last few days with mash 0.2.0-3, which apparently I
>> installed as a dependency for gnome (I guess it is no longer
>> required). I follow arch-general, arch-dev-public and aur-general, and
>> as far as I know, this change wasn't announced in any of these lists.
>> I recall other examples in the last 2-3 years (this is roughly the
>> time I've used arch consistently), but now I don't remember the
>> packages involved.
>>
>> Currently I try to keep track of these changes by running e.g. "pacman
>> -Qm" and "pacman -Qdt" once in a while, so it's no big deal. However,
>> I think it would be interesting to know from a more "official" channel
>> when a package is dropped and why. This would allow users to be aware
>> of the change and decide whether the package is still needed (and act
>> accordingly, e.g. if the package is dropped to AUR, one could
>> subscribe to comments or check for updates) or can be safely
>> uninstalled.
>>
>> I searched without finding anything decisive (e.g. these threads [1]
>> [2] suggest possible workarounds in the form of scripts). I wonder if
>> better methods to track dropped packages exist; if not, would it be
>> feasible to implement a solution, e.g. a list where dropped packages
>> are announced, similar to "last rites" in gentoo?
>>
>> Thanks for your time,
>>
>> Lorenzo
>>
>> [1] https://bbs.archlinux.org/viewtopic.php?id=147574
>> [2] https://bbs.archlinux.org/viewtopic.php?id=125665
>>
>
>
> Hi Lorenzo,
>
> I am using yaourt to track packages from aur (and possibly packages moved
> from official repos to aur). Note, that it is not an official peace of
> software and you should read the wiki carefully. [1]
>
> Best wishes,
> Max
>
> [1] https://wiki.archlinux.org/index.php/Yaourt

List the packages that are in the repos and compare these lists to see
what new packages are in the repos and which ones have been dropped.
You can use expac to format the list the way you like it and run it
daily / weekly.
If you're using testing repos you should make sure you won't get
flooded by the list of new packages twice - when they enter testing
and when they're moved to non-testing repos. Packages "disappearing"
from testing repos would be false positives when looking for the ones
that have been removed completely. I think the easiest way would be to
drop the repo name and keep just the package name, unless you care if
the package is moved between repos e.g. from extra to community.

From ralf.mardorf at alice-dsl.net  Sun Apr 20 11:21:50 2014
From: ralf.mardorf at alice-dsl.net (Ralf Mardorf)
Date: Sun, 20 Apr 2014 17:21:50 +0200
Subject: [arch-general] iTunes on Arch Linux
Message-ID: <1398007310.1007.29.camel@archlinux>

Hi,

on my Arch Linux host I run Windows XP as guest in Virtual Box. From one
day to the other some Internet connections don't work anymore.

If I try to connect iTunes to their server, there is no Internet
connection. If I try to connect to https://startpage.com/ by a guest's
browser, there's no Internet connection, while for http://www.google.de/
there is. https://startpage.com/ is available by the Arch Linux host's
browsers. Another https website,
https://en.wikipedia.org/wiki/HTTP_Secure is available by the guest's
browsers too.

What could be the cause, that for some things the Internet is available
for the guest and for other things the Internet isn't available.

Some Heartbleed fix or some missing fix?

Safari's German message says that it can's connect to
https://startpage.com/ , because it can't establish a secure connection.

iTunes just nags that I should check, if there is an Internet
connection.

Unfortunately I need iTunes.

Any ideas how to fix it or another way to run iTunes on Linux?

Regards,
Ralf


From letter at openmailbox.org  Sun Apr 20 11:45:56 2014
From: letter at openmailbox.org (message)
Date: Sun, 20 Apr 2014 15:45:56 +0000
Subject: [arch-general] ibm java installation path environment
In-Reply-To: <mailman.1188.1397998453.3663.arch-general@archlinux.org>
References: <mailman.1188.1397998453.3663.arch-general@archlinux.org>
Message-ID: <6cf879500f89a6a12f377bb6f2e0d62b@openmailbox.org>

On 2014-04-20 12:54, arch-general-request at archlinux.org wrote:
> 
> ------------------------------
> 
> Message: 2
> Date: Sat, 19 Apr 2014 20:32:34 +0200
> From: Jelle van der Waa <jelle at vdwaa.nl>
> 
> Why are you using a custom java and not for example aur/jre or the
> openjdk packages in the normal repo.
> 

There is no special reason. IBM Java has been used for many years 
previously. Some people claim better performance in the past.

From linux at zuik.net  Sun Apr 20 11:50:49 2014
From: linux at zuik.net (Wayne S)
Date: Sun, 20 Apr 2014 11:50:49 -0400
Subject: [arch-general] [arch-dev-public] ppp 2.4.6 in testing breaks
 pptp connections in NetworkManager
In-Reply-To: <5309E24B.9020709@archlinux.org>
References: <7916230.85WW76dYBp@empire> <5309C1D8.2080302@archlinux.org>
 <4265724.xOgRN206zD@lhart> <5309E24B.9020709@archlinux.org>
Message-ID: <mailman.1.1398009057.3660.arch-general@archlinux.org>

At 2/23/2014 07:58 AM, you wrote:

>Am 23.02.2014 12:53, schrieb Arthur ??i??eic??:
>> I've seen these issues but I didn't have enough time to come to a sane 
>> conclusion in order to report it.
>> 
>> IIRC rp-pppoe in core has the same problem.
>> 
>> pppd[27117]: Plugin /usr/lib/rp-pppoe/rp-pppoe.so is for pppd version 2.4.5, 
>> this is 2.4.6
>> 
>> Bug report at: https://bugs.archlinux.org/task/39007
>
>Since that plugin is not even in the pppd plugin path, there is no way
>to detect this problem.
>
>Besides rp-pppoe, pppd-ldap also needs a rebuild (the plugin is still
>for 2.4.4, so I wonder if a single person ever used it).
>
>I also wonder why rp-pppoe is still in core. It provides no essential
>functionality that netctl+ppp don't.

I'm using an arch box as a firewall router. I have verizon fios connection that still uses pppoe. Recently the pppoe connection upload bandwidth went down to < 50kbps (normal is 25Mbps) but ok download bandwidth is still around 58Mbps. During boot pppd 2.4.6 is started and the message RP-PPPoE plugin version 3.8d compiled against pppd 2.4.6. Something is now broken and I don't know what it is.

I switched over to using the fios router = works OK, switched over to a archlinuxarm on utilite - works OK, mostly. I built a new firewall router on another box with new network cards, and it has the same problem. Which leads me to conclude that something is wrong in the pppoe.

The setup I use is close to the arch wiki on pppd, which use the rp-pppoe.so plugin. Can you explain how netctl+ppp can replace the rp-pppoe plugin.

Thanks
Wayne S



From janilsons at yahoo.com  Sun Apr 20 12:59:50 2014
From: janilsons at yahoo.com (Janilson Andrade)
Date: Sun, 20 Apr 2014 09:59:50 -0700 (PDT)
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
In-Reply-To: <53531468.7050701@us4clan.net>
References: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
 <5352f346.4e0ce00a.2208.444f@mx.google.com> <53531468.7050701@us4clan.net>
Message-ID: <1398013190.93003.YahooMailNeo@web120704.mail.ne1.yahoo.com>

Thanks for the log.
I am reading it right now and I'm enjoying it very much.

Congratulations for the work.


?
Att,
Janilson M. de Andrade
On Saturday, April 19, 2014 9:27 PM, "Humberto "SilverOne" Carvalho" <silverone at us4clan.net> wrote:
 
Hey,

Unfortunately I couldn't be there but thank you for the logs, I'll take
a look.

Looking forward to seeing more.

Best Regards,
Humberto Carvalho


On 04/19/2014 11:05 PM, fsckd wrote:
> Class is over. :) Those of you who missed it, don't worry. Logs are
> available.
> 
> 9:30 UTC class
> https://archwomen.org/media/project_classroom/classlogs/2014-04-19-pkgbuilds_09%3a30-UTC.txt
> 
> 
> 16:00 UTC class
> https://archwomen.org/media/project_classroom/classlogs/2014-04-19-pkgbuilds_16%3a00-UTC.txt
> 
> 
> Regards,
> fsckd

From deathslycer at gmail.com  Sun Apr 20 15:07:19 2014
From: deathslycer at gmail.com (Jeroen Mathon)
Date: Sun, 20 Apr 2014 21:07:19 +0200
Subject: [arch-general] iTunes on Arch Linux
In-Reply-To: <1398007310.1007.29.camel@archlinux>
References: <1398007310.1007.29.camel@archlinux>
Message-ID: <CAOGbgnVbDbFEG_eBN1HWnZRcA+w6+vf_tLm9CJyS9Eb9_Fwsug@mail.gmail.com>

Same here.
The main problem is that ios blocks linux.
So untill they finally add support we need to wait for libimobiledevice to
be updated.
Try podcasts or ftp.


2014-04-20 17:21 GMT+02:00 Ralf Mardorf <ralf.mardorf at alice-dsl.net>:

> Hi,
>
> on my Arch Linux host I run Windows XP as guest in Virtual Box. From one
> day to the other some Internet connections don't work anymore.
>
> If I try to connect iTunes to their server, there is no Internet
> connection. If I try to connect to https://startpage.com/ by a guest's
> browser, there's no Internet connection, while for http://www.google.de/
> there is. https://startpage.com/ is available by the Arch Linux host's
> browsers. Another https website,
> https://en.wikipedia.org/wiki/HTTP_Secure is available by the guest's
> browsers too.
>
> What could be the cause, that for some things the Internet is available
> for the guest and for other things the Internet isn't available.
>
> Some Heartbleed fix or some missing fix?
>
> Safari's German message says that it can's connect to
> https://startpage.com/ , because it can't establish a secure connection.
>
> iTunes just nags that I should check, if there is an Internet
> connection.
>
> Unfortunately I need iTunes.
>
> Any ideas how to fix it or another way to run iTunes on Linux?
>
> Regards,
> Ralf
>
>

From schaefer at trilug.org  Sun Apr 20 15:37:24 2014
From: schaefer at trilug.org (Carl Schaefer)
Date: Sun, 20 Apr 2014 15:37:24 -0400
Subject: [arch-general] iTunes on Arch Linux
In-Reply-To: <1398007310.1007.29.camel@archlinux>
References: <1398007310.1007.29.camel@archlinux>
Message-ID: <1398022644.3575.36.camel@wot>

> What could be the cause, that for some things the Internet is available
> for the guest and for other things the Internet isn't available.
> 
> Safari's German message says that it can't connect to
> https://startpage.com/ , because it can't establish a secure connection.

"can't establish a secure connection" could mean a DNS or hostname
lookup failure, a TCP connect failure, or perhaps some sort of SSL
certificate problem.  To figure out where the problem is, try connecting
with ping & telnet from a DOS cmd prompt, using both hostnames and IP
addresses (telnet to port 443 for https), and try a different browser.
As always when debugging Windows, it doesn't hurt to scan for malware,
e.g. run Malwarebytes
Carl

From schaefer at trilug.org  Sun Apr 20 16:09:39 2014
From: schaefer at trilug.org (Carl Schaefer)
Date: Sun, 20 Apr 2014 16:09:39 -0400
Subject: [arch-general] How to track packages dropped from the repos?
In-Reply-To: <CAO0v=MND0DLFKoJLknhNirTR1YXT4kW8Soqnf4_32DUCAyV3NA@mail.gmail.com>
References: <CABqumk8sND03589W1z=2meLjM9-R5T84Zc=vK5YaDxhQxj1yrw@mail.gmail.com>
 <5352CFA4.6020106@xbra.de>
 <CAO0v=MND0DLFKoJLknhNirTR1YXT4kW8Soqnf4_32DUCAyV3NA@mail.gmail.com>
Message-ID: <1398024579.3575.57.camel@wot>

> >> Sometimes packages are silently dropped from the repos. This happened
> >> for example in the last few days with mash 0.2.0-3, which apparently I
> >> installed as a dependency for gnome (I guess it is no longer
> >> required). I follow arch-general, arch-dev-public and aur-general, and
> >> as far as I know, this change wasn't announced in any of these lists.
> >> I recall other examples in the last 2-3 years (this is roughly the
> >> time I've used arch consistently), but now I don't remember the
> >> packages involved.
> >>
> >> Currently I try to keep track of these changes by running e.g. "pacman
> >> -Qm" and "pacman -Qdt" once in a while, so it's no big deal. However,
> >> I think it would be interesting to know from a more "official" channel
> >> when a package is dropped and why. This would allow users to be aware
> >> of the change and decide whether the package is still needed (and act
> >> accordingly, e.g. if the package is dropped to AUR, one could
> >> subscribe to comments or check for updates) or can be safely
> >> uninstalled.
> >>
> >> I searched without finding anything decisive (e.g. these threads [1]
> >> [2] suggest possible workarounds in the form of scripts). I wonder if
> >> better methods to track dropped packages exist; if not, would it be
> >> feasible to implement a solution, e.g. a list where dropped packages
> >> are announced, similar to "last rites" in gentoo?

yes, most arch users could write a script to track this after the fact,
but personally I like the idea of advance notification.  Perhaps a
mailing list could be created for each repository, e.g.

arch-core-notification
arch-extra-notification,
etc.

New packages could be announced automatically.  Deletions could be
announced a week in advance, with any discussion taking place on
arch-general.  Maybe something like this is already going on among the
TUs; if so, there's at least a bit of interest in making that more
visible.

Carl

From karol.blazewicz at gmail.com  Sun Apr 20 17:02:35 2014
From: karol.blazewicz at gmail.com (Karol Blazewicz)
Date: Sun, 20 Apr 2014 23:02:35 +0200
Subject: [arch-general] How to track packages dropped from the repos?
In-Reply-To: <1398024579.3575.57.camel@wot>
References: <CABqumk8sND03589W1z=2meLjM9-R5T84Zc=vK5YaDxhQxj1yrw@mail.gmail.com>
 <5352CFA4.6020106@xbra.de>
 <CAO0v=MND0DLFKoJLknhNirTR1YXT4kW8Soqnf4_32DUCAyV3NA@mail.gmail.com>
 <1398024579.3575.57.camel@wot>
Message-ID: <CAO0v=MODbNbMWcXRa+e0SqcnDEof_NpxKCSuCqad7BdRgeWGPg@mail.gmail.com>

On Sun, Apr 20, 2014 at 10:09 PM, Carl Schaefer <schaefer at trilug.org> wrote:
>> >> Sometimes packages are silently dropped from the repos. This happened
>> >> for example in the last few days with mash 0.2.0-3, which apparently I
>> >> installed as a dependency for gnome (I guess it is no longer
>> >> required). I follow arch-general, arch-dev-public and aur-general, and
>> >> as far as I know, this change wasn't announced in any of these lists.
>> >> I recall other examples in the last 2-3 years (this is roughly the
>> >> time I've used arch consistently), but now I don't remember the
>> >> packages involved.
>> >>
>> >> Currently I try to keep track of these changes by running e.g. "pacman
>> >> -Qm" and "pacman -Qdt" once in a while, so it's no big deal. However,
>> >> I think it would be interesting to know from a more "official" channel
>> >> when a package is dropped and why. This would allow users to be aware
>> >> of the change and decide whether the package is still needed (and act
>> >> accordingly, e.g. if the package is dropped to AUR, one could
>> >> subscribe to comments or check for updates) or can be safely
>> >> uninstalled.
>> >>
>> >> I searched without finding anything decisive (e.g. these threads [1]
>> >> [2] suggest possible workarounds in the form of scripts). I wonder if
>> >> better methods to track dropped packages exist; if not, would it be
>> >> feasible to implement a solution, e.g. a list where dropped packages
>> >> are announced, similar to "last rites" in gentoo?
>
> yes, most arch users could write a script to track this after the fact,
> but personally I like the idea of advance notification.  Perhaps a
> mailing list could be created for each repository, e.g.
>
> arch-core-notification
> arch-extra-notification,
> etc.
>
> New packages could be announced automatically.  Deletions could be
> announced a week in advance, with any discussion taking place on
> arch-general.  Maybe something like this is already going on among the
> TUs; if so, there's at least a bit of interest in making that more
> visible.
>
> Carl

Sometimes packages are split, merged or renamed too.

From hugo at barrera.io  Mon Apr 21 07:36:12 2014
From: hugo at barrera.io (Hugo Osvaldo Barrera)
Date: Mon, 21 Apr 2014 08:36:12 -0300
Subject: [arch-general] [aur-general] GHC 7.8.1 packaging decisions for
	Arch Linux
In-Reply-To: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
References: <CANFDciHnRPKywJdAQ+pipEFsQP0GsxSMKABnvPkPq88KY9wVhA@mail.gmail.com>
Message-ID: <20140421113612.GA31428@athena.barrera.io>

On 2014-04-08 22:27, Thomas Dziedzic wrote:
> Hello all,
> 
> With the arrival of ghc 7.8.1 [0], I would like to address the following
> problems with a restructuring of how we treat haskell packages in archlinux:
> 
> Problem 1: Updating any haskell package has been delayed until we bump ghc.
> Explanation: ghc is unable to produce a library that has a stable abi. In
> other words, if a library gets rebuilt (even if it's the same exact
> source), we will need to rebuild all package that depend on it, and this
> would in turn a messy rebuild for any kind of rebuild.
> 

Changing depends on packages to exact versions will make these
incompatibilities rise quickly.
Eg: package A should depend on packageB=x.y.z-n

That would avoid mixing up different versions. This would avoid a library
being updated in a system until all packages that depend on it have
been rebuilt.

-- 
Hugo Osvaldo Barrera
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140421/0dfb57ed/attachment.asc>

From lorenzo.bandieri at gmail.com  Mon Apr 21 11:41:06 2014
From: lorenzo.bandieri at gmail.com (Lorenzo Bandieri)
Date: Mon, 21 Apr 2014 17:41:06 +0200
Subject: [arch-general] How to track packages dropped from the repos?
In-Reply-To: <CAO0v=MND0DLFKoJLknhNirTR1YXT4kW8Soqnf4_32DUCAyV3NA@mail.gmail.com>
References: <CABqumk8sND03589W1z=2meLjM9-R5T84Zc=vK5YaDxhQxj1yrw@mail.gmail.com>
 <5352CFA4.6020106@xbra.de>
 <CAO0v=MND0DLFKoJLknhNirTR1YXT4kW8Soqnf4_32DUCAyV3NA@mail.gmail.com>
Message-ID: <CABqumk-8fmLqBY9MsCWvrnoxAs5zizFyz3_jRqZfs3EB4wTfcw@mail.gmail.com>

2014-04-19 21:33 GMT+02:00 Maximilian Br?utigam <m at xbra.de>:

> I am using yaourt to track packages from aur (and possibly packages moved
> from official repos to aur). Note, that it is not an official peace of
> software and you should read the wiki carefully. [1]

Hi Maximilian,

Thanks for your opinion on this. I am aware of the existence of
yaourt, however I'm not particularly fond of it. I prefer to build and
upgrade packages manually; I don't use many packages from the AUR, so
for me it's not an unbearable task :) In a certain sense, I was asking
that question  precisely because I don't use yaourt or similar
helpers. As you said, if a package is dropped to AUR and you are using
an AUR helper, it takes care of updates for you; but if like me you
are doing all manually, you need to know that a package has been moved
to AUR or it won't be updated. Moreover, some packages are downright
removed without being dropped to AUR (e.g. mash).

2014-04-20 14:54 GMT+02:00 Karol Blazewicz <karol.blazewicz at gmail.com>:

> List the packages that are in the repos and compare these lists to see
> what new packages are in the repos and which ones have been dropped.
> You can use expac to format the list the way you like it and run it
> daily / weekly.
> If you're using testing repos you should make sure you won't get
> flooded by the list of new packages twice - when they enter testing
> and when they're moved to non-testing repos. Packages "disappearing"
> from testing repos would be false positives when looking for the ones
> that have been removed completely. I think the easiest way would be to
> drop the repo name and keep just the package name, unless you care if
> the package is moved between repos e.g. from extra to community.

Hi Karol,

Thanks for the input. A script would partially address my need (one
thing I'd like to know for example, is why a certain package was
removed, which a script can't tell me; package removal without prior
discussion/announce is not the norm, but as I said I've seen it happen
sometimes). Some sort of notification in advance via mailing list (as
suggested by Carl Schaefer) would be ideal for me... it's my
responsibility to keep my sistem clean, I just think it would be
useful to have a nicer way of doing this. Anyway, it's nothing that
keeps me awake at night :) If there's no better way to do this, I
guess a script is the way to go.

Thanks everyone for the responses,

Lorenzo

From lisaev at umail.iu.edu  Mon Apr 21 12:56:36 2014
From: lisaev at umail.iu.edu (Leonid Isaev)
Date: Mon, 21 Apr 2014 11:56:36 -0500
Subject: [arch-general] On-boot delay due to timer units
In-Reply-To: <53502BFB.1090104@archlinux.org>
References: <20140417135612.1cae79de@bluemoon> <53502BFB.1090104@archlinux.org>
Message-ID: <20140421115636.0c8f41c9@bluemoon>

On Thu, 17 Apr 2014 21:31:07 +0200
Thomas B?chler <thomas at archlinux.org> wrote:

> [...]
> 
> I think another solution in systemd would be introducing a holdoff time:
> Instead of running immediately on boot, the timer should be scheduled
> for boot+5min.
> 
> This requires some investigation - sorry, I don't have a quick solution
> right now.
> 

AFAIU, there are 2 real issues here:
1. We hook to the boot process a bunch of disk-intensive operations which did
not belong there in the 1st place.
2. Even if a boot delay for timers is implemented or the behavior of Type=idle
units is "fixed" somehow in systemd, still all "cron" timers will be started in
parallel which may result in a slow/unresponsive system. Note, that under
anacron they were serialized by run-parts.

BTW, thanks for bringing this up on systemd ML.

L.

-- 
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6  20DF 9291 EE8A 043C B8C4
                  C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140421/d60fd7b5/attachment.asc>

From thomas at archlinux.org  Mon Apr 21 16:50:11 2014
From: thomas at archlinux.org (=?UTF-8?B?VGhvbWFzIELDpGNobGVy?=)
Date: Mon, 21 Apr 2014 22:50:11 +0200
Subject: [arch-general] On-boot delay due to timer units
In-Reply-To: <20140421115636.0c8f41c9@bluemoon>
References: <20140417135612.1cae79de@bluemoon>
 <53502BFB.1090104@archlinux.org> <20140421115636.0c8f41c9@bluemoon>
Message-ID: <53558483.2070700@archlinux.org>

Am 21.04.2014 18:56, schrieb Leonid Isaev:
> On Thu, 17 Apr 2014 21:31:07 +0200
> AFAIU, there are 2 real issues here:
> 1. We hook to the boot process a bunch of disk-intensive operations which did
> not belong there in the 1st place.
> 2. Even if a boot delay for timers is implemented or the behavior of Type=idle
> units is "fixed" somehow in systemd, still all "cron" timers will be started in
> parallel which may result in a slow/unresponsive system. Note, that under
> anacron they were serialized by run-parts.

The Linux scheduler and I/O scheduler are supposed to handle such
workloads gracefully. The units are configured to be in the proper io
scheduling class and with proper nice values.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140421/a694088e/attachment.asc>

From linux at zuik.net  Mon Apr 21 20:49:58 2014
From: linux at zuik.net (Wayne S)
Date: Mon, 21 Apr 2014 20:49:58 -0400
Subject: [arch-general] PPPoE broken on upload
Message-ID: <mailman.2.1398127809.3660.arch-general@archlinux.org>

No answers on previous post so starting new topic.

Recent updates have caused problems with my PPPoE FIOS link. The upload speed has been reduced to near zero.

I "was" using arch linux box as a firewall router. I have a verizon fios connection that still uses the old pppoe. Recently the pppoe connection upload bandwidth went down to < 50kbps (normally it is >25Mbps), however the download bandwidth is still around 58Mbps.

There was a recent thread about recompiling PPP to 2.4.6, however, whatever this change did in recent updates, has broken my router PPP connection upload speed.

During boot pppd 2.4.6 is started and the message RP-PPPoE plugin version 3.8d compiled against pppd 2.4.6. I see no errors.

I switched over to using the Verizon actiontec fios router and it works OK. I switched over to an archlinuxarm on a Utilite computer, and it works OK. I built a new arch based firewall router on a different computer, and it has the same problem with the latest Arch on my existing router. Which leads me to conclude that something went wrong with pppoe after the recompile to 2.4.6.

Any help would be welcome on what is going on, or how to diagnose.

Wayne





From olivier at olivierlanglois.net  Mon Apr 21 23:38:13 2014
From: olivier at olivierlanglois.net (Olivier Langlois)
Date: Mon, 21 Apr 2014 23:38:13 -0400
Subject: [arch-general] CONFIG_TCP_CONG_VENO on Wifi link with a laptop
Message-ID: <1398137893.20955.65.camel@Wailaba2>

does anyone had a positive experience with this TCP congestion avoidance
method with this particular setup?




From pdgiddie at gmail.com  Tue Apr 22 06:21:52 2014
From: pdgiddie at gmail.com (Paul Gideon Dann)
Date: Tue, 22 Apr 2014 11:21:52 +0100
Subject: [arch-general] Qt4 / Qt5 package naming
In-Reply-To: <CAFd36BhnAFriQOp3xUFF3hmqBpbbgm-JpCA+uQ6+8UNmB53zfA@mail.gmail.com>
References: <CAFd36BhnAFriQOp3xUFF3hmqBpbbgm-JpCA+uQ6+8UNmB53zfA@mail.gmail.com>
Message-ID: <2210607.QZ5CNqQ41m@leto>

On Friday 18 Apr 2014 10:29:56 Jerome Leclanche wrote:
> Hi
> 
> With Qt5 becoming more and more available throughout Qt apps
> (especially as KDE progresses into the switch), I think it's time to
> consider adopting an updated naming scheme.
> 
> IMHO:
> - Qt4 apps should use the -qt4 suffix
> - Qt5 apps should not use any suffix or prefix
> - Qt libraries should probably use a qt- prefix. (eg what is currently
> qt5-base, qt5-doc etc should become qt-base, qt-location). Or
> alternatively, no prefix at all and use upstream naming scheme
> (qtbase, qtlocation, ...)

I'm not a big fan of this transition happening for every major Qt release. Is there a 
significant downside to keeping both -qt4 and -qt5 in package names?

Paul

From lonewolf at xs4all.nl  Tue Apr 22 06:31:37 2014
From: lonewolf at xs4all.nl (LoneVVolf)
Date: Tue, 22 Apr 2014 12:31:37 +0200
Subject: [arch-general] PPPoE broken on upload
In-Reply-To: <201404220050.s3M0oSX1001048@mxdrop161.xs4all.nl>
References: <201404220050.s3M0oSX1001048@mxdrop161.xs4all.nl>
Message-ID: <53564509.4050107@xs4all.nl>

On 22-04-14 02:49, Wayne S wrote:
> No answers on previous post so starting new topic.
>
> Recent updates have caused problems with my PPPoE FIOS link. The upload speed has been reduced to near zero.
>
> I "was" using arch linux box as a firewall router. I have a verizon fios connection that still uses the old pppoe. Recently the pppoe connection upload bandwidth went down to < 50kbps (normally it is >25Mbps), however the download bandwidth is still around 58Mbps.
>
> There was a recent thread about recompiling PPP to 2.4.6, however, whatever this change did in recent updates, has broken my router PPP connection upload speed.
What was the previous version of ppp that did work ?
> During boot pppd 2.4.6 is started and the message RP-PPPoE plugin version 3.8d compiled against pppd 2.4.6. I see no errors.
latest rp-ppoe version in repos is 3.11.5 , have you tried with that 
version ?
please post a complete log of a boot.
> I switched over to using the Verizon actiontec fios router and it works OK. I switched over to an archlinuxarm on a Utilite computer, and it works OK.
what version of ppp /rp-ppoe does the archlinuxarm system use ?
Have you compared the arm PKGBUILDs with the x86_64/i686 PKGBUILDs ?
>   I built a new arch based firewall router on a different computer, and it has the same problem with the latest Arch on my existing router. Which leads me to conclude that something went wrong with pppoe after the recompile to 2.4.6.
>
> Any help would be welcome on what is going on, or how to diagnose.
>
> Wayne
>
>
>
>
Was the new arch based fw router a fresh install, or an existing system ?

Note : I know a bit about the ppp/rp-pppoe protocols but next to nothing 
about it's practical use.
My questions are intended to get information that will help 
troubleshooting this.

Lone_Wolf

From heikobecker92 at gmail.com  Tue Apr 22 07:02:43 2014
From: heikobecker92 at gmail.com (Heiko Becker)
Date: Tue, 22 Apr 2014 13:02:43 +0200
Subject: [arch-general] pacman and keys
Message-ID: <53564C53.3080508@gmail.com>

Hey,

today I tried to update my system and got errors related to my pacman keys.

As I have not been using my computer for a week I reinitialized the 
pacman key database and downloaded the arch linux keys with pacman-key 
--import archlinux.

After that my libreoffice issues were solved, but now I get the 
following error:

error: jre7-openjdk-headless: signature from "Guillaume ALAUX 
<guillaume at archlinux.org>" is invalid
:: File 
/var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz is 
corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.

Can someone help me out?

Best regards,

Heiko


From m at xbra.de  Tue Apr 22 07:13:13 2014
From: m at xbra.de (=?ISO-8859-1?Q?Maximilian_Br=E4utigam?=)
Date: Tue, 22 Apr 2014 13:13:13 +0200
Subject: [arch-general] pacman and keys
In-Reply-To: <53564C53.3080508@gmail.com>
References: <53564C53.3080508@gmail.com>
Message-ID: <53564EC9.2000704@xbra.de>

Am 22.04.2014 13:02, schrieb Heiko Becker:
> Hey,
> 
> today I tried to update my system and got errors related to my pacman keys.
> 
> As I have not been using my computer for a week I reinitialized the
> pacman key database and downloaded the arch linux keys with pacman-key
> --import archlinux.
> 
> After that my libreoffice issues were solved, but now I get the
> following error:
> 
> error: jre7-openjdk-headless: signature from "Guillaume ALAUX
> <guillaume at archlinux.org>" is invalid
> :: File
> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz is
> corrupted (invalid or corrupted package (PGP signature)).
> Do you want to delete it? [Y/n] Y
> error: failed to commit transaction (invalid or corrupted package)
> Errors occurred, no packages were upgraded.
> 
> Can someone help me out?
> 
> Best regards,
> 
> Heiko
> 

Hi Heiko,

did you try to remove and download the package again since it states
that the package is corrupted?

# rm
/var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz
# pacman -Syu

Best,
Max

From alexandre.n.medeiros at gmail.com  Tue Apr 22 07:14:27 2014
From: alexandre.n.medeiros at gmail.com (Alexandre Medeiros)
Date: Tue, 22 Apr 2014 08:14:27 -0300
Subject: [arch-general] pacman and keys
In-Reply-To: <53564C53.3080508@gmail.com>
References: <53564C53.3080508@gmail.com>
Message-ID: <CAMfGtUA7JLYmQ2jdJ62R7BEM8z9CEMRiAouxraeN_B=F1gRvaA@mail.gmail.com>

On 22 April 2014 08:02, Heiko Becker <heikobecker92 at gmail.com> wrote:
> error: jre7-openjdk-headless: signature from "Guillaume ALAUX
> <guillaume at archlinux.org>" is invalid
> :: File
> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz is
> corrupted (invalid or corrupted package (PGP signature)).
> Do you want to delete it? [Y/n] Y
> error: failed to commit transaction (invalid or corrupted package)
> Errors occurred, no packages were upgraded.
>
> Can someone help me out?

I once got a similar error when the files on the mirror I use were
corrupted, changing the mirror solved my problem, and eventually the
admin of the mirror fixed it (or the package was updated, I don't
really know)

Best regards,

-- 
Alexandre Medeiros
Institute of Computing - University of Campinas
BSc Computer Science Student
GNU/Linux user #562691
http://alemedeiros.sdf.org/

From heikobecker92 at gmail.com  Tue Apr 22 07:16:29 2014
From: heikobecker92 at gmail.com (Heiko Becker)
Date: Tue, 22 Apr 2014 13:16:29 +0200
Subject: [arch-general] pacman and keys
In-Reply-To: <53564EC9.2000704@xbra.de>
References: <53564C53.3080508@gmail.com> <53564EC9.2000704@xbra.de>
Message-ID: <53564F8D.8090109@gmail.com>

Am 22.04.2014 13:02, schrieb Heiko Becker:
>> Hey,
>>
>> today I tried to update my system and got errors related to my pacman keys.
>>
>> As I have not been using my computer for a week I reinitialized the
>> pacman key database and downloaded the arch linux keys with pacman-key
>> --import archlinux.
>>
>> After that my libreoffice issues were solved, but now I get the
>> following error:
>>
>> error: jre7-openjdk-headless: signature from "Guillaume ALAUX
>> <guillaume at archlinux.org>" is invalid
>> :: File
>> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz is
>> corrupted (invalid or corrupted package (PGP signature)).
>> Do you want to delete it? [Y/n] Y
>> error: failed to commit transaction (invalid or corrupted package)
>> Errors occurred, no packages were upgraded.
>>
>> Can someone help me out?
>>
>> Best regards,
>>
>> Heiko
>>
> Hi Heiko,
>
> did you try to remove and download the package again since it states
> that the package is corrupted?
>
> # rm
> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz
> # pacman -Syu
>
> Best,
> Max

As my full package intergity got lost, I first deleted the complete 
cache. And I always allowed it to remove the package when it asked for 
it. But somehow it worked now.

But now I get the following error when doing conflict checks:

error: failed to commit transaction (conflicting files)
kdelibs: /usr/include/KDE/K3ListViewSearchLine exists in filesystem
kdelibs: /usr/include/KDE/K3ListViewSearchLineWidget exists in filesystem
kdelibs: /usr/include/KDE/K3MacroCommand exists in filesystem
kdelibs: /usr/include/KDE/K3MultipleDrag exists in filesystem
kdelibs: /usr/include/KDE/K3NamedCommand exists in filesystem
kdelibs: /usr/include/KDE/K3PopupMenu exists in filesystem
kdelibs: /usr/include/KDE/K3Process exists in filesystem
kdelibs: /usr/include/KDE/K3ProcessController exists in filesystem
kdelibs: /usr/include/KDE/K3RFCDate exists in filesystem
kdelibs: /usr/include/KDE/K3SpellConfig exists in filesystem
kdelibs: /usr/include/KDE/K3SpellDlg exists in filesystem
kdelibs: /usr/include/KDE/K3SpellingHighlighter exists in filesystem
kdelibs: /usr/include/KDE/K3StaticDeleterBase exists in filesystem
kdelibs: /usr/include/KDE/K3SyntaxHighlighter exists in filesystem
kdelibs: /usr/include/KDE/K3URLDrag exists in filesystem
kdelibs: /usr/include/KDE/K3Wizard exists in filesystem
kdelibs: /usr/include/KDE/KAboutPerson exists in filesystem
kdelibs: /usr/include/KDE/KAcceleratorManager exists in filesystem
kdelibs: /usr/include/KDE/KAction exists in filesystem
kdelibs: /usr/include/KDE/KActionMenu exists in filesystem
kdelibs: /usr/include/KDE/KActionSelector exists in filesystem
kdelibs: /usr/include/KDE/KAr exists in filesystem
kdelibs: /usr/include/KDE/KArchive exists in filesystem
kdelibs: /usr/include/KDE/KArchiveDirectory exists in filesystem
kdelibs: /usr/include/KDE/KArrowButton exists in filesystem
kdelibs: /usr/include/KDE/KAscii exists in filesystem
kdelibs: /usr/include/KDE/KAuth/Action exists in filesystem
kdelibs: /usr/include/KDE/KAuth/ActionReply exists in filesystem
kdelibs: /usr/include/KDE/KAuth/ActionWatcher exists in filesystem
kdelibs: /usr/include/KDE/KAuthorized exists in filesystem
kdelibs: /usr/include/KDE/KAutoMount exists in filesystem
kdelibs: /usr/include/KDE/KAutoSaveFile exists in filesystem
kdelibs: /usr/include/KDE/KBookmark exists in filesystem
kdelibs: /usr/include/KDE/KBookmarkAction exists in filesystem
kdelibs: /usr/include/KDE/KBookmarkActionMenu exists in filesystem
kdelibs: /usr/include/KDE/KBookmarkDialog exists in filesystem
kdelibs: /usr/include/KDE/KBookmarkDomBuilder exists in filesystem
kdelibs: /usr/include/KDE/KBookmarkGroupTraverser exists in filesystem
kdelibs: /usr/include/KDE/KBookmarkImporterBase exists in filesystem
Errors occurred, no packages were upgraded.


Heiko



From m at xbra.de  Tue Apr 22 07:32:48 2014
From: m at xbra.de (=?ISO-8859-1?Q?Maximilian_Br=E4utigam?=)
Date: Tue, 22 Apr 2014 13:32:48 +0200
Subject: [arch-general] pacman and keys
In-Reply-To: <53564F8D.8090109@gmail.com>
References: <53564C53.3080508@gmail.com> <53564EC9.2000704@xbra.de>
 <53564F8D.8090109@gmail.com>
Message-ID: <53565360.8030703@xbra.de>

Am 22.04.2014 13:16, schrieb Heiko Becker:
> Am 22.04.2014 13:02, schrieb Heiko Becker:
>>> Hey,
>>>
>>> today I tried to update my system and got errors related to my pacman
>>> keys.
>>>
>>> As I have not been using my computer for a week I reinitialized the
>>> pacman key database and downloaded the arch linux keys with pacman-key
>>> --import archlinux.
>>>
>>> After that my libreoffice issues were solved, but now I get the
>>> following error:
>>>
>>> error: jre7-openjdk-headless: signature from "Guillaume ALAUX
>>> <guillaume at archlinux.org>" is invalid
>>> :: File
>>> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz
>>> is
>>> corrupted (invalid or corrupted package (PGP signature)).
>>> Do you want to delete it? [Y/n] Y
>>> error: failed to commit transaction (invalid or corrupted package)
>>> Errors occurred, no packages were upgraded.
>>>
>>> Can someone help me out?
>>>
>>> Best regards,
>>>
>>> Heiko
>>>
>> Hi Heiko,
>>
>> did you try to remove and download the package again since it states
>> that the package is corrupted?
>>
>> # rm
>> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz
>> # pacman -Syu
>>
>> Best,
>> Max
> 
> As my full package intergity got lost, I first deleted the complete
> cache. And I always allowed it to remove the package when it asked for
> it. But somehow it worked now.
> 
> But now I get the following error when doing conflict checks:
> 
> error: failed to commit transaction (conflicting files)
> kdelibs: /usr/include/KDE/K3ListViewSearchLine exists in filesystem
> kdelibs: /usr/include/KDE/K3ListViewSearchLineWidget exists in filesystem
> kdelibs: /usr/include/KDE/K3MacroCommand exists in filesystem
> kdelibs: /usr/include/KDE/K3MultipleDrag exists in filesystem
> kdelibs: /usr/include/KDE/K3NamedCommand exists in filesystem
> kdelibs: /usr/include/KDE/K3PopupMenu exists in filesystem
> kdelibs: /usr/include/KDE/K3Process exists in filesystem
> kdelibs: /usr/include/KDE/K3ProcessController exists in filesystem
> kdelibs: /usr/include/KDE/K3RFCDate exists in filesystem
> kdelibs: /usr/include/KDE/K3SpellConfig exists in filesystem
> kdelibs: /usr/include/KDE/K3SpellDlg exists in filesystem
> kdelibs: /usr/include/KDE/K3SpellingHighlighter exists in filesystem
> kdelibs: /usr/include/KDE/K3StaticDeleterBase exists in filesystem
> kdelibs: /usr/include/KDE/K3SyntaxHighlighter exists in filesystem
> kdelibs: /usr/include/KDE/K3URLDrag exists in filesystem
> kdelibs: /usr/include/KDE/K3Wizard exists in filesystem
> kdelibs: /usr/include/KDE/KAboutPerson exists in filesystem
> kdelibs: /usr/include/KDE/KAcceleratorManager exists in filesystem
> kdelibs: /usr/include/KDE/KAction exists in filesystem
> kdelibs: /usr/include/KDE/KActionMenu exists in filesystem
> kdelibs: /usr/include/KDE/KActionSelector exists in filesystem
> kdelibs: /usr/include/KDE/KAr exists in filesystem
> kdelibs: /usr/include/KDE/KArchive exists in filesystem
> kdelibs: /usr/include/KDE/KArchiveDirectory exists in filesystem
> kdelibs: /usr/include/KDE/KArrowButton exists in filesystem
> kdelibs: /usr/include/KDE/KAscii exists in filesystem
> kdelibs: /usr/include/KDE/KAuth/Action exists in filesystem
> kdelibs: /usr/include/KDE/KAuth/ActionReply exists in filesystem
> kdelibs: /usr/include/KDE/KAuth/ActionWatcher exists in filesystem
> kdelibs: /usr/include/KDE/KAuthorized exists in filesystem
> kdelibs: /usr/include/KDE/KAutoMount exists in filesystem
> kdelibs: /usr/include/KDE/KAutoSaveFile exists in filesystem
> kdelibs: /usr/include/KDE/KBookmark exists in filesystem
> kdelibs: /usr/include/KDE/KBookmarkAction exists in filesystem
> kdelibs: /usr/include/KDE/KBookmarkActionMenu exists in filesystem
> kdelibs: /usr/include/KDE/KBookmarkDialog exists in filesystem
> kdelibs: /usr/include/KDE/KBookmarkDomBuilder exists in filesystem
> kdelibs: /usr/include/KDE/KBookmarkGroupTraverser exists in filesystem
> kdelibs: /usr/include/KDE/KBookmarkImporterBase exists in filesystem
> Errors occurred, no packages were upgraded.
> 
> 
> Heiko
> 
> 


I do not know what when wrong here and you should wait for better help.
But if you are willing to force pacman to upgrade then make a backup and try

# pacman -S --force --asdeps kdelibs

"""
--asdeps
           Install packages non-explicitly; in other words, fake their
install reason to be installed as a dependency. This is useful for
makepkg and other build from source tools that need to install
           dependencies before building the package.

--force
           Bypass file conflict checks and overwrite conflicting files.
If the package that is about to be installed contains files that are
already installed, this option will cause all those files to
           be overwritten. Using --force will not allow overwriting a
directory with a file or installing packages with conflicting files and
directories. This option should be used with care, ideally
           not at all.
"""

Best,
Max

From heikobecker92 at gmail.com  Tue Apr 22 07:52:43 2014
From: heikobecker92 at gmail.com (Heiko Becker)
Date: Tue, 22 Apr 2014 13:52:43 +0200
Subject: [arch-general] pacman and keys
In-Reply-To: <53565360.8030703@xbra.de>
References: <53564C53.3080508@gmail.com> <53564EC9.2000704@xbra.de>
 <53564F8D.8090109@gmail.com> <53565360.8030703@xbra.de>
Message-ID: <5356580B.60605@gmail.com>


On 22.04.2014 13:32, Maximilian Br?utigam wrote:
> Am 22.04.2014 13:16, schrieb Heiko Becker:
>> Am 22.04.2014 13:02, schrieb Heiko Becker:
>>>> Hey,
>>>>
>>>> today I tried to update my system and got errors related to my pacman
>>>> keys.
>>>>
>>>> As I have not been using my computer for a week I reinitialized the
>>>> pacman key database and downloaded the arch linux keys with pacman-key
>>>> --import archlinux.
>>>>
>>>> After that my libreoffice issues were solved, but now I get the
>>>> following error:
>>>>
>>>> error: jre7-openjdk-headless: signature from "Guillaume ALAUX
>>>> <guillaume at archlinux.org>" is invalid
>>>> :: File
>>>> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz
>>>> is
>>>> corrupted (invalid or corrupted package (PGP signature)).
>>>> Do you want to delete it? [Y/n] Y
>>>> error: failed to commit transaction (invalid or corrupted package)
>>>> Errors occurred, no packages were upgraded.
>>>>
>>>> Can someone help me out?
>>>>
>>>> Best regards,
>>>>
>>>> Heiko
>>>>
>>> Hi Heiko,
>>>
>>> did you try to remove and download the package again since it states
>>> that the package is corrupted?
>>>
>>> # rm
>>> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz
>>> # pacman -Syu
>>>
>>> Best,
>>> Max
>> As my full package intergity got lost, I first deleted the complete
>> cache. And I always allowed it to remove the package when it asked for
>> it. But somehow it worked now.
>>
>> But now I get the following error when doing conflict checks:
>>
>> error: failed to commit transaction (conflicting files)
>> kdelibs: /usr/include/KDE/K3ListViewSearchLine exists in filesystem
>> kdelibs: /usr/include/KDE/K3ListViewSearchLineWidget exists in filesystem
>> kdelibs: /usr/include/KDE/K3MacroCommand exists in filesystem
>> kdelibs: /usr/include/KDE/K3MultipleDrag exists in filesystem
>> kdelibs: /usr/include/KDE/K3NamedCommand exists in filesystem
>> kdelibs: /usr/include/KDE/K3PopupMenu exists in filesystem
>> kdelibs: /usr/include/KDE/K3Process exists in filesystem
>> kdelibs: /usr/include/KDE/K3ProcessController exists in filesystem
>> kdelibs: /usr/include/KDE/K3RFCDate exists in filesystem
>> kdelibs: /usr/include/KDE/K3SpellConfig exists in filesystem
>> kdelibs: /usr/include/KDE/K3SpellDlg exists in filesystem
>> kdelibs: /usr/include/KDE/K3SpellingHighlighter exists in filesystem
>> kdelibs: /usr/include/KDE/K3StaticDeleterBase exists in filesystem
>> kdelibs: /usr/include/KDE/K3SyntaxHighlighter exists in filesystem
>> kdelibs: /usr/include/KDE/K3URLDrag exists in filesystem
>> kdelibs: /usr/include/KDE/K3Wizard exists in filesystem
>> kdelibs: /usr/include/KDE/KAboutPerson exists in filesystem
>> kdelibs: /usr/include/KDE/KAcceleratorManager exists in filesystem
>> kdelibs: /usr/include/KDE/KAction exists in filesystem
>> kdelibs: /usr/include/KDE/KActionMenu exists in filesystem
>> kdelibs: /usr/include/KDE/KActionSelector exists in filesystem
>> kdelibs: /usr/include/KDE/KAr exists in filesystem
>> kdelibs: /usr/include/KDE/KArchive exists in filesystem
>> kdelibs: /usr/include/KDE/KArchiveDirectory exists in filesystem
>> kdelibs: /usr/include/KDE/KArrowButton exists in filesystem
>> kdelibs: /usr/include/KDE/KAscii exists in filesystem
>> kdelibs: /usr/include/KDE/KAuth/Action exists in filesystem
>> kdelibs: /usr/include/KDE/KAuth/ActionReply exists in filesystem
>> kdelibs: /usr/include/KDE/KAuth/ActionWatcher exists in filesystem
>> kdelibs: /usr/include/KDE/KAuthorized exists in filesystem
>> kdelibs: /usr/include/KDE/KAutoMount exists in filesystem
>> kdelibs: /usr/include/KDE/KAutoSaveFile exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmark exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkAction exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkActionMenu exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkDialog exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkDomBuilder exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkGroupTraverser exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkImporterBase exists in filesystem
>> Errors occurred, no packages were upgraded.
>>
>>
>> Heiko
>>
>>
>
> I do not know what when wrong here and you should wait for better help.
> But if you are willing to force pacman to upgrade then make a backup and try
>
> # pacman -S --force --asdeps kdelibs
>
> """
> --asdeps
>             Install packages non-explicitly; in other words, fake their
> install reason to be installed as a dependency. This is useful for
> makepkg and other build from source tools that need to install
>             dependencies before building the package.
>
> --force
>             Bypass file conflict checks and overwrite conflicting files.
> If the package that is about to be installed contains files that are
> already installed, this option will cause all those files to
>             be overwritten. Using --force will not allow overwriting a
> directory with a file or installing packages with conflicting files and
> directories. This option should be used with care, ideally
>             not at all.
> """
>
> Best,
> Max
Thanks for your fats response.

As I'm not that dependent on the update I will stick with the machies 
current state not to break ym system and wait for further assistance :D

Best regards,
Heiko

From zoqaeski at gmail.com  Tue Apr 22 08:42:09 2014
From: zoqaeski at gmail.com (Robbie Smith)
Date: Tue, 22 Apr 2014 22:42:09 +1000
Subject: [arch-general] How do I preserve changes to okular.desktop?
In-Reply-To: <CAPj_-SDxFs86DO1vzub1h8fp3O-kQAkV1OXWuXOfks+71mPvGg@mail.gmail.com>
References: <CAPj_-SDxFs86DO1vzub1h8fp3O-kQAkV1OXWuXOfks+71mPvGg@mail.gmail.com>
Message-ID: <535663A1.5090409@gmail.com>

On 20/04/14 06:07, Chris Moline wrote:
> Hi, every time I upgrade okular chrome starts opening two instances. One
> has a dialong saying it couldn't find '%I' and the other has the document I
> want. All I have to do to fix it is to remove %I from the .desktop file.
> How do I preserve this change across upgrades? Alternatively, how do I get
> the '%I' to be expanded properly?
> 
> Sorry if this is asked a lot. My search-fu was not up to the task.
> 

Create the new desktop file in ~/.local/share/applications/okular.desktop

I believe that will override it for your user: it works for me.

Alternatively, add the location of the original desktop file to
pacman.conf NoUpgrade and pacman won't update it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1031 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140422/226d1243/attachment.asc>

From felixonmars at gmail.com  Tue Apr 22 11:55:43 2014
From: felixonmars at gmail.com (Felix Yan)
Date: Tue, 22 Apr 2014 23:55:43 +0800
Subject: [arch-general] PPPoE broken on upload
In-Reply-To: <5355bcd8.0661e00a.7564.58a3SMTPIN_ADDED_MISSING@mx.google.com>
References: <5355bcd8.0661e00a.7564.58a3SMTPIN_ADDED_MISSING@mx.google.com>
Message-ID: <4642387.ocI5jyjfTA@felix-arch>

On Monday, April 21, 2014 20:49:58 Wayne S wrote:
> I "was" using arch linux box as a firewall router. I have a verizon fios
> connection that still uses the old pppoe. Recently the pppoe connection
> upload bandwidth went down to < 50kbps (normally it is >25Mbps), however
> the download bandwidth is still around 58Mbps.

I'm having a same problem.

Just tried to either use linux-lts or downgrade linux to < 3.14 (like, 3.13.8) 
and it works properly. Could you confirm this?

Regards,
Felix Yan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140422/74540607/attachment.asc>

From linux at zuik.net  Tue Apr 22 22:14:00 2014
From: linux at zuik.net (Wayne S)
Date: Tue, 22 Apr 2014 22:14:00 -0400
Subject: [arch-general] PPPoE broken on upload
In-Reply-To: <53564509.4050107@xs4all.nl>
References: <201404220050.s3M0oSX1001048@mxdrop161.xs4all.nl>
 <53564509.4050107@xs4all.nl>
Message-ID: <mailman.3.1398219248.3660.arch-general@archlinux.org>

At 4/22/2014 06:31 AM, Lone Wolf wrote:

Thanks for the points LoneVVolf. Much appreciated. I'm having difficulty testing at the moment as it means converting the router into a stand alone system to update, then convert back. Time consuming and network outage. When I get a chance I will test further.

>On 22-04-14 02:49, Wayne S wrote:
>>No answers on previous post so starting new topic.
>>
>>Recent updates have caused problems with my PPPoE FIOS link. The upload speed has been reduced to near zero.
>>
>>I "was" using arch linux box as a firewall router. I have a verizon fios connection that still uses the old pppoe. Recently the pppoe connection upload bandwidth went down to < 50kbps (normally it is >25Mbps), however the download bandwidth is still around 58Mbps.
>>
>>There was a recent thread about recompiling PPP to 2.4.6, however, whatever this change did in recent updates, has broken my router PPP connection upload speed.
>What was the previous version of ppp that did work ?

There was some discussion in February subject: "ppp 2.4.6 in testing breaks"
And the needs to recompile some ppp things, so I'm assuming those testing recompiles went into the recent releases? 2.4.5 was working. I'm not sure how to downgrade to them to test.

>>During boot pppd 2.4.6 is started and the message RP-PPPoE plugin version 3.8d compiled against pppd 2.4.6. I see no errors.
>latest rp-ppoe version in repos is 3.11.5 , have you tried with that version ?
>please post a complete log of a boot.

If 3.11.5 is the latest version of rp-pppoe, it did not update with recent updates, as the version in my logs is 3.8d. Oherwise, there is nothing unusual in the boot log.

>>I switched over to using the Verizon actiontec fios router and it works OK. I switched over to an archlinuxarm on a Utilite computer, and it works OK.
>what version of ppp /rp-ppoe does the archlinuxarm system use ?
>Have you compared the arm PKGBUILDs with the x86_64/i686 PKGBUILDs ?

No, but the arm build is behind x86_64. So has probably not seen these updates that breaks pppoe.

>>  I built a new arch based firewall router on a different computer, and it has the same problem with the latest Arch on my existing router. Which leads me to conclude that something went wrong with pppoe after the recompile to 2.4.6.
>>
>>Any help would be welcome on what is going on, or how to diagnose.
>>
>>Wayne
>Was the new arch based fw router a fresh install, or an existing system ?

Arm was an existing install, fully upated from latest http://archlinuxarm.org/platforms/armv7/freescale/utilite however arm linux is behind x86 versions.

>Note : I know a bit about the ppp/rp-pppoe protocols but next to nothing about it's practical use.
>My questions are intended to get information that will help troubleshooting this.
>
>Lone_Wolf

Just my guess that the 3.5d rp-pppoe not matching the version in repos 3.11.5 version, and not getting in the update may be the problem? I'm not in a position to fully test at the moment, since this is my main internet connection that I need to keep up.

Whatever the issue, pppoe broke recently in the updates and in fresh installs on different hardware. It is unfortunate that Verizon cannot simply change my verizon fios connection to a simple dhcp connection without a lot of hassle rather than insist on ancient pppoe for fios.

Wayne S


From mysatyre at gmail.com  Wed Apr 23 03:03:22 2014
From: mysatyre at gmail.com (=?UTF-8?Q?Martti_K=C3=BChne?=)
Date: Wed, 23 Apr 2014 09:03:22 +0200
Subject: [arch-general] CONFIG_TCP_CONG_VENO on Wifi link with a laptop
In-Reply-To: <1398137893.20955.65.camel@Wailaba2>
References: <1398137893.20955.65.camel@Wailaba2>
Message-ID: <CAONKL1CyQUiVFcRCN3_DQMMQM_UTJn7_bxzmhdnK3npGPH+cBw@mail.gmail.com>

On Tue, Apr 22, 2014 at 5:38 AM, Olivier Langlois
<olivier at olivierlanglois.net> wrote:
> does anyone had a positive experience with this TCP congestion avoidance
> method with this particular setup?


Hmm. I want to try this.

From mysatyre at gmail.com  Wed Apr 23 03:35:13 2014
From: mysatyre at gmail.com (=?UTF-8?Q?Martti_K=C3=BChne?=)
Date: Wed, 23 Apr 2014 09:35:13 +0200
Subject: [arch-general] CONFIG_TCP_CONG_VENO on Wifi link with a laptop
In-Reply-To: <CAONKL1CyQUiVFcRCN3_DQMMQM_UTJn7_bxzmhdnK3npGPH+cBw@mail.gmail.com>
References: <1398137893.20955.65.camel@Wailaba2>
 <CAONKL1CyQUiVFcRCN3_DQMMQM_UTJn7_bxzmhdnK3npGPH+cBw@mail.gmail.com>
Message-ID: <CAONKL1AyUKO+qW1fTc7VmtfgHiaSC+N=ZY7wNQE4u64W8WTcXw@mail.gmail.com>

On Wed, Apr 23, 2014 at 9:03 AM, Martti K?hne <mysatyre at gmail.com> wrote:
> On Tue, Apr 22, 2014 at 5:38 AM, Olivier Langlois
> <olivier at olivierlanglois.net> wrote:
>> does anyone had a positive experience with this TCP congestion avoidance
>> method with this particular setup?
>
>
> Hmm. I want to try this.

the stock kernel actually ships tcp_veno.
this is how to set it up:

# echo tcp_veno > /etc/modules-load.d/tcp_veno.conf
# echo net.ipv4.tcp_congestion_control = veno > /etc/sysctl.d/tcp_veno.conf

I'm trying it for my laptop right now. Nothing out of the ordinary
happened, I haven't tested the throughput since, but it's working
fine.

cheers!
mar77i

From ralf.mardorf at rocketmail.com  Wed Apr 23 06:05:31 2014
From: ralf.mardorf at rocketmail.com (Ralf Mardorf)
Date: Wed, 23 Apr 2014 12:05:31 +0200
Subject: [arch-general] How do I preserve changes to okular.desktop?
In-Reply-To: <535663A1.5090409@gmail.com>
References: <CAPj_-SDxFs86DO1vzub1h8fp3O-kQAkV1OXWuXOfks+71mPvGg@mail.gmail.com>
 <535663A1.5090409@gmail.com>
Message-ID: <1398247531.859.13.camel@archlinux>


On Tue, 2014-04-22 at 22:42 +1000, Robbie Smith wrote:
> Alternatively, add the location of the original desktop file to
> pacman.conf NoUpgrade and pacman won't update it.

IIUC without the first "/" of the path [1].

JFTR the package itself, including an unwanted file, but containing
other files too, still will be upgraded, just the unwanted file won't be
upgraded?

I for example haven't GNOME installed, but from time to time I get

[rocketmouse at archlinux ~]$ ls /usr/share/xsessions/gnome*
/usr/share/xsessions/gnome.desktop           /usr/share/xsessions/gnome-fallback.desktop
/usr/share/xsessions/gnome.desktop.disabled  /usr/share/xsessions/gnome-fallback.desktop.disabled

to remove or "disable" them all the times is annoying.

So I have to add usr/share/xsessions/gnome.desktop
usr/share/xsessions/gnome-fallback.desktop to NoUpgrade, without a "/"
at the beginning [1]?

[1] "NoUpgrade = file ?
All files listed with a NoUpgrade directive will never be touched during
a package install/upgrade, and the new files will be installed with
a .pacnew extension. These files refer to files in the package archive,
so do not include the leading slash (the RootDir) when specifying them.
Shell-style glob patterns are allowed." -
https://www.archlinux.org/pacman/pacman.conf.5.html



From ralf.mardorf at rocketmail.com  Wed Apr 23 06:17:04 2014
From: ralf.mardorf at rocketmail.com (Ralf Mardorf)
Date: Wed, 23 Apr 2014 12:17:04 +0200
Subject: [arch-general] PPPoE broken on upload
In-Reply-To: <201404230214.s3N2EBZS019987@mail38c50.megamailservers.eu>
References: <201404220050.s3M0oSX1001048@mxdrop161.xs4all.nl>
 <53564509.4050107@xs4all.nl>
 <201404230214.s3N2EBZS019987@mail38c50.megamailservers.eu>
Message-ID: <1398248224.859.15.camel@archlinux>

On Tue, 2014-04-22 at 22:14 -0400, Wayne S wrote:
> I'm not sure how to downgrade to them to test.

https://aur.archlinux.org/packages/downgrade/

JFTR I'm using PPPoE too, but don't do uploads and tend to use oldish
linux-rt kernels, so I can't say anything about the upload issue.



From eduardo.machado at gmail.com  Wed Apr 23 06:41:30 2014
From: eduardo.machado at gmail.com (Eduardo Machado)
Date: Wed, 23 Apr 2014 07:41:30 -0300
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
In-Reply-To: <5352f346.4e0ce00a.2208.444f@mx.google.com>
References: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
 <5352f346.4e0ce00a.2208.444f@mx.google.com>
Message-ID: <CAKXVDZee4BrXeiUUnO84Z-WX_NW6rgaRg5Zu3DaUCAJO5hnk8A@mail.gmail.com>

2014-04-19 19:05 GMT-03:00 fsckd <fsckdaemon at gmail.com>:

> Class is over. :) Those of you who missed it, don't worry. Logs are
> available.
>
> 9:30 UTC class
> https://archwomen.org/media/project_classroom/classlogs/
> 2014-04-19-pkgbuilds_09%3a30-UTC.txt
>
> 16:00 UTC class
> https://archwomen.org/media/project_classroom/classlogs/
> 2014-04-19-pkgbuilds_16%3a00-UTC.txt
>
> Regards,
> fsckd
>

Really thanks!

From emvigo at gmail.com  Wed Apr 23 07:03:13 2014
From: emvigo at gmail.com (Eugenio M. Vigo)
Date: Wed, 23 Apr 2014 13:03:13 +0200
Subject: [arch-general] [Classroom] Intro. to PKGBUILD class - April 19th
In-Reply-To: <CAKXVDZee4BrXeiUUnO84Z-WX_NW6rgaRg5Zu3DaUCAJO5hnk8A@mail.gmail.com>
References: <534844b0.0d37e00a.0af7.ffffaa4e@mx.google.com>
 <5352f346.4e0ce00a.2208.444f@mx.google.com>
 <CAKXVDZee4BrXeiUUnO84Z-WX_NW6rgaRg5Zu3DaUCAJO5hnk8A@mail.gmail.com>
Message-ID: <CAK6UhHeOGK=dDA-EN2vS78ZX6BkgvKXv+FFMHJAmbWVPGJmcWw@mail.gmail.com>

Thanks! This will help me with a little project I intend to upload to the
AUR in the near future.
Cheers!
El 23/04/2014 12:42, "Eduardo Machado" <eduardo.machado at gmail.com> escribi?:

> 2014-04-19 19:05 GMT-03:00 fsckd <fsckdaemon at gmail.com>:
>
> > Class is over. :) Those of you who missed it, don't worry. Logs are
> > available.
> >
> > 9:30 UTC class
> > https://archwomen.org/media/project_classroom/classlogs/
> > 2014-04-19-pkgbuilds_09%3a30-UTC.txt
> >
> > 16:00 UTC class
> > https://archwomen.org/media/project_classroom/classlogs/
> > 2014-04-19-pkgbuilds_16%3a00-UTC.txt
> >
> > Regards,
> > fsckd
> >
>
> Really thanks!
>

From anatol.pomozov at gmail.com  Wed Apr 23 12:28:13 2014
From: anatol.pomozov at gmail.com (Anatol Pomozov)
Date: Wed, 23 Apr 2014 09:28:13 -0700
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
Message-ID: <CAOMFOmVX7b15ryach0SM+tdKC5drdT4i043NtUPLMsXsDEcsEQ@mail.gmail.com>

Hi,

As there is no strong consensus on what to do with Android development
tools then I am going to leave the situation as-is. Arch users will
keep either installing the packages using Android installer or by AUR
packages.

I am going to move packages android-tool and android-udev to
[community]. These are small packages that many people find useful.

From artafinde at gmail.com  Wed Apr 23 13:10:16 2014
From: artafinde at gmail.com (Leonidas Spyropoulos)
Date: Wed, 23 Apr 2014 18:10:16 +0100
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <53504601.4010907@babioch.de>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <534F0931.3070704@babioch.de> <534F3AFC.3070103@gmail.com>
 <534F7290.1010805@babioch.de> <534F7A72.2050405@gmail.com>
 <53504601.4010907@babioch.de>
Message-ID: <CAAeznTrnB-9CxOQiPuXzyE=Mr-B1tft1yBnZ_cw_gBdmFXp+nw@mail.gmail.com>

Hello

On Thu, Apr 17, 2014 at 10:22 PM, Karol Babioch <karol at babioch.de> wrote:
> Hi,
>
> Am 17.04.2014 08:53, schrieb Daniel Micay:
>> I think it's best to just install it to your home directory without
>> involving the system package manager if you want to use the android
>> package manager for anything.
>
> So you are managing all of this alone and don't use the packages in AUR
> at all? At least android-udev seems useful? Where do you store your SDK?
> Have you added something to your PATH? I'm just looking for good
> practices here, so thanks for any replies!
>

I've been coding for Android for some time now. I found the
android-udev and android-tools packages very useful but apart from
that I've downloaded and "installed" locally the Android SDK and IDE
(Android Studio is my preference). I manage android updates separately
without the use of a package manager (or aur). As you understand I had
to specify the paths on my profile. The Android SDK is installed under
home (along with multiple jdk versions)

[...]


On Wed, Apr 23, 2014 at 5:28 PM, Anatol Pomozov
<anatol.pomozov at gmail.com> wrote:
> Hi,
>
> As there is no strong consensus on what to do with Android development
> tools then I am going to leave the situation as-is. Arch users will
> keep either installing the packages using Android installer or by AUR
> packages.
>
> I am going to move packages android-tool and android-udev to
> [community]. These are small packages that many people find useful.

I agree with this approach.

Thanks,
Leonidas

-- 
Caution: breathing may be hazardous to your health.

#include <stdio.h>

-- 
Caution: breathing may be hazardous to your health.

#include <stdio.h>
int main(){printf("%s","\x4c\x65\x6f\x6e\x69\x64\x61\x73");}

From mx34567 at gmail.com  Thu Apr 24 11:20:24 2014
From: mx34567 at gmail.com (Maciej Puzio)
Date: Thu, 24 Apr 2014 10:20:24 -0500
Subject: [arch-general] Comment on: Use systemd timers instead of
 /etc/cron.{hourly, daily, weekly, monthly}?
Message-ID: <CACH_MLXUXM36YiLcd=v_ym+Ac4+KW+Kz=_SX6K+Fuhp_fj5EEw@mail.gmail.com>

[This is a comment to arch-dev-public thread "Use systemd timers
instead of /etc/cron.{hourly, daily, weekly, monthly}?". As I was
unable to post to that list, I am following instructions provided by
the list server by sending this message to arch-general and the author
of the original thread. I'd like to mention that I also tried and was
not able to file a bug report on this issue, due to bug tracker server
failing to send a registration code. The original thread can be viewed
here: http://comments.gmane.org/gmane.linux.arch.devel/20644  ]

I am sorry to say that the decision to replace cron.daily tasks with
systemd timers is causing problems. After a routine update I noticed
that my machines now perform daily maintenance tasks exactly at
midnight. Not only is this time not optimal (too early), but all
machines perform their maintenance at the same moment, which is far
from ideal, especially for servers. Previously I had each server to
perform daily cron jobs at various times, spread between 3 and 6am. On
my machines this affects updatedb, man-db, logrotate and shadow,
updatedb generating a lot of I/O and thus being the most problematic.
I was not able to find any way to configure systemd to fire daily
calendar timers at a different time of the day (please correct me if I
missed something). So far I found two workarounds:

1. Override timer files and set OnCalendar with a specific time,
rather than "daily". This has to be done separately for each timer.
2. Restore cron.daily scripts and mask relevant systemd services and
timers (i.e. revert the configuration to what it was before the
update). The resulting config is simpler to manage than the first
workaround (no separate time settings for each task), so I went with
this one.

I am not sure what to suggest as a general fix for this issue, other
than a feature request to systemd upstream maintainers. I guess it is
too late to roll back the changes in affected Arch packages. I am
posting this for other users looking for a solution to this problem.

Thanks
Maciej Puzio

From thomas at archlinux.org  Thu Apr 24 12:18:53 2014
From: thomas at archlinux.org (=?UTF-8?B?VGhvbWFzIELDpGNobGVy?=)
Date: Thu, 24 Apr 2014 18:18:53 +0200
Subject: [arch-general] Comment on: Use systemd timers instead of
 /etc/cron.{hourly, daily, weekly, monthly}?
In-Reply-To: <CACH_MLXUXM36YiLcd=v_ym+Ac4+KW+Kz=_SX6K+Fuhp_fj5EEw@mail.gmail.com>
References: <CACH_MLXUXM36YiLcd=v_ym+Ac4+KW+Kz=_SX6K+Fuhp_fj5EEw@mail.gmail.com>
Message-ID: <5359396D.6070407@archlinux.org>

Am 24.04.2014 17:20, schrieb Maciej Puzio:
> I am sorry to say that the decision to replace cron.daily tasks with
> systemd timers is causing problems. After a routine update I noticed
> that my machines now perform daily maintenance tasks exactly at
> midnight. Not only is this time not optimal (too early), but all
> machines perform their maintenance at the same moment, which is far
> from ideal, especially for servers. Previously I had each server to
> perform daily cron jobs at various times, spread between 3 and 6am. On
> my machines this affects updatedb, man-db, logrotate and shadow,
> updatedb generating a lot of I/O and thus being the most problematic.
> I was not able to find any way to configure systemd to fire daily
> calendar timers at a different time of the day (please correct me if I
> missed something). So far I found two workarounds:

This is supposed to be handled by the AccuracySec=, which is supposed to
schedule timers at random times within the specified interval (in our
case, 12h). I have no idea why this doesn't work, it's definitely worth
looking into.

> 1. Override timer files and set OnCalendar with a specific time,
> rather than "daily". This has to be done separately for each timer.

Yes, bad solution. As I said above, we should try to figure out why
AccurarySec= doesn't do anything first.

> 2. Restore cron.daily scripts and mask relevant systemd services and
> timers (i.e. revert the configuration to what it was before the
> update). The resulting config is simpler to manage than the first
> workaround (no separate time settings for each task), so I went with
> this one.

This shouldn't be a permanent solution.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140424/57f566a7/attachment-0001.asc>

From drankinatty at suddenlinkmail.com  Fri Apr 25 03:41:07 2014
From: drankinatty at suddenlinkmail.com (David C. Rankin)
Date: Fri, 25 Apr 2014 02:41:07 -0500
Subject: [arch-general] Does openssl 1.0.1.g-1 close the heartbleed exploit?
Message-ID: <535A1193.6060708@suddenlinkmail.com>

Guys,

  I was testing my boxes after updating to openssl 1.0.1.g-1 with heartbleed.c
and I am still able to grab and decrypt ssl packets. The openssl security note
says 1.0.1.g is not effected by the bug, but I can still get a 64k chuck of data
back from my server using the heartbleed.c test. (if I'm reading the output
correctly) Am I may be doing something wrong? It is worth asking to be sure.

Archlinux server: phoinix - openssl 1.0.1.g-1

from client machine:

 $ ./heartbleed386 -s 192.168.7.16 -p 443 -f outph -t 1
[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit
[ =============================================================
[ connecting to 192.168.7.16 443/tcp
[ connected to 192.168.7.16 443/tcp
[ <3 <3 <3 heart bleed <3 <3 <3
[ heartbeat returned type=24 length=16408
[ decrypting SSL packet
[ heartbleed leaked length=65535
[ final record type=24, length=16384
[ wrote 16381 bytes of heap to file 'outph'
[ heartbeat returned type=24 length=16408
[ decrypting SSL packet
[ final record type=24, length=16384
[ wrote 16384 bytes of heap to file 'outph'
[ heartbeat returned type=24 length=16408
[ decrypting SSL packet
[ final record type=24, length=16384
[ wrote 16384 bytes of heap to file 'outph'
[ heartbeat returned type=24 length=16408
[ decrypting SSL packet
[ final record type=24, length=16384
[ wrote 16384 bytes of heap to file 'outph'
[ heartbeat returned type=24 length=42
[ decrypting SSL packet
[ final record type=24, length=18
[ wrote 18 bytes of heap to file 'outph'
[ done.
 $ ls -al outph
-rwx------ 1 david david 65554 Apr 25 01:43 outph
 $ hexdump -C outph
00000000  52 74 59 da c6 d0 3a 5d  35 7e 33 fc 43 de e5 bb  |RtY...:]5~3.C...|
00000010  31 a2 ca c1 30 ff 5a e7  fd 28 52 4a 3c 18 51 4b  |1...0.Z..(RJ<.QK|
00000020  93 1e 2e 7b 41 58 e2 79  58 b8 26 f4 a0 d2 11 22  |...{AX.yX.&...."|
00000030  4d bc 62 54 7c 59 5c 63  11 42 fe 88 00 87 c0 32  |M.bT|Y\c.B.....2|
00000040  c0 2e c0 2a c0 26 c0 0f  c0 05 00 9d 00 3d 00 35  |...*.&.......=.5|
00000050  00 84 c0 12 c0 08 c0 1c  c0 1b 00 16 00 13 c0 0d  |................|
00000060  c0 03 00 0a c0 2f c0 2b  c0 27 c0 23 c0 13 c0 09  |...../.+.'.#....|
00000070  c0 1f c0 1e 00 a2 00 9e  00 67 00 40 00 33 00 32  |.........g. at .3.2|
00000080  00 9a 00 99 00 45 00 44  c0 31 c0 2d c0 29 c0 25  |.....E.D.1.-.).%|
00000090  c0 0e c0 04 00 9c 00 3c  00 2f 00 96 00 41 00 07  |.......<./...A..|
000000a0  c0 11 c0 07 c0 0c c0 02  00 05 00 04 00 15 00 12  |................|
000000b0  00 09 00 14 00 11 00 08  00 06 00 03 00 ff 02 01  |................|
000000c0  00 01 32 00 0b 00 04 03  00 01 02 00 0a 00 34 00  |..2...........4.|
000000d0  32 00 0e 00 0d 00 19 00  0b 00 0c 00 18 00 09 00  |2...............|
000000e0  0a 00 16 00 17 00 08 00  06 00 07 00 14 00 15 00  |................|
000000f0  04 00 05 00 12 00 13 00  01 00 02 00 03 00 0f 00  |................|
00000100  10 00 11 00 23 00 00 00  0d 00 20 00 1e 06 01 06  |....#..... .....|
00000110  02 06 03 05 01 05 02 05  03 04 01 04 02 04 03 03  |................|
00000120  01 03 02 03 03 02 01 02  02 02 03 00 0f 00 01 01  |................|
00000130  00 15 00 c1 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000140  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000001f0  00 00 00 00 00 5c c0 5d  c0 5e c0 5f c0 60 c0 61  |.....\.].^._.`.a|
00000200  c0 62 c0 63 c0 64 c0 65  c0 66 c0 67 c0 68 c0 69  |.b.c.d.e.f.g.h.i|
00000210  c0 6a c0 6b c0 6c c0 6d  c0 6e c0 6f c0 70 c0 71  |.j.k.l.m.n.o.p.q|
00000220  c0 72 c0 73 c0 74 c0 75  c0 76 c0 77 c0 78 c0 79  |.r.s.t.u.v.w.x.y|
00000230  c0 7a c0 7b c0 7c c0 7d  c0 7e c0 7f c0 80 c0 81  |.z.{.|.}.~......|
<snip - a lot more, with CN and other cert into visible>

  Can anyone confirm the openssl 1.0.1.g-1 fix against their arch server? The
information I get back in response to heartbleed has been decrypted -- that
leads me to believe the current openssl 1.0.1.g-1 may be suspect as well. Or am
I looking at this wrong?

  The ./heartbleed output that concerns me is:

[ heartbleed leaked length=65535

  However, each of the subsequent calls by ./heartbleed returned only ~16408,
which if I understand correctly is the max that should be returned after the fix:

[ heartbeat returned type=24 length=16408
[ decrypting SSL packet
[ final record type=24, length=16384
[ wrote 16384 bytes of heap to file 'outph'

  Is this the expected fixed behavior, or does this still reflect a
vulnerability present? What say the experts? Thanks.

-- 
David C. Rankin, J.D.,P.E.

From gsnijders at gmail.com  Fri Apr 25 03:47:25 2014
From: gsnijders at gmail.com (Guus Snijders)
Date: Fri, 25 Apr 2014 09:47:25 +0200
Subject: [arch-general] Does openssl 1.0.1.g-1 close the heartbleed
	exploit?
In-Reply-To: <535A1193.6060708@suddenlinkmail.com>
References: <535A1193.6060708@suddenlinkmail.com>
Message-ID: <CAHntV0CLWW26kPNtcHeYgqnVSyp1MW8JxDUsMCGaTP=vdVzbgw@mail.gmail.com>

Op 25 apr. 2014 09:41 schreef "David C. Rankin" <
drankinatty at suddenlinkmail.com> het volgende:
>
> Guys,
>
>   I was testing my boxes after updating to openssl 1.0.1.g-1 with
heartbleed.c
> and I am still able to grab and decrypt ssl packets. The openssl security
note
> says 1.0.1.g is not effected by the bug, but I can still get a 64k chuck
of data
> back from my server using the heartbleed.c test. (if I'm reading the
output
> correctly) Am I may be doing something wrong? It is worth asking to be
sure.

Probably a stupid question, but you did restart the affected daemons (or
system) after the update?
Otherwise, they'll be using the old lib.

mvg, Guus

From dzervas at dzervas.gr  Fri Apr 25 03:48:11 2014
From: dzervas at dzervas.gr (Dimitris Zervas)
Date: Fri, 25 Apr 2014 10:48:11 +0300
Subject: [arch-general] Does openssl 1.0.1.g-1 close the heartbleed
	exploit?
In-Reply-To: <535A1193.6060708@suddenlinkmail.com>
References: <535A1193.6060708@suddenlinkmail.com>
Message-ID: <CAJTPdEpqHcPkO1McTg=RwZ0LPSpPTL6MHmOn7f3W43FPuZz+eg@mail.gmail.com>

I tested my server after the update and found no problems...
On Apr 25, 2014 10:41 AM, "David C. Rankin" <drankinatty at suddenlinkmail.com>
wrote:

> Guys,
>
>   I was testing my boxes after updating to openssl 1.0.1.g-1 with
> heartbleed.c
> and I am still able to grab and decrypt ssl packets. The openssl security
> note
> says 1.0.1.g is not effected by the bug, but I can still get a 64k chuck
> of data
> back from my server using the heartbleed.c test. (if I'm reading the output
> correctly) Am I may be doing something wrong? It is worth asking to be
> sure.
>
> Archlinux server: phoinix - openssl 1.0.1.g-1
>
> from client machine:
>
>  $ ./heartbleed386 -s 192.168.7.16 -p 443 -f outph -t 1
> [ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit
> [ =============================================================
> [ connecting to 192.168.7.16 443/tcp
> [ connected to 192.168.7.16 443/tcp
> [ <3 <3 <3 heart bleed <3 <3 <3
> [ heartbeat returned type=24 length=16408
> [ decrypting SSL packet
> [ heartbleed leaked length=65535
> [ final record type=24, length=16384
> [ wrote 16381 bytes of heap to file 'outph'
> [ heartbeat returned type=24 length=16408
> [ decrypting SSL packet
> [ final record type=24, length=16384
> [ wrote 16384 bytes of heap to file 'outph'
> [ heartbeat returned type=24 length=16408
> [ decrypting SSL packet
> [ final record type=24, length=16384
> [ wrote 16384 bytes of heap to file 'outph'
> [ heartbeat returned type=24 length=16408
> [ decrypting SSL packet
> [ final record type=24, length=16384
> [ wrote 16384 bytes of heap to file 'outph'
> [ heartbeat returned type=24 length=42
> [ decrypting SSL packet
> [ final record type=24, length=18
> [ wrote 18 bytes of heap to file 'outph'
> [ done.
>  $ ls -al outph
> -rwx------ 1 david david 65554 Apr 25 01:43 outph
>  $ hexdump -C outph
> 00000000  52 74 59 da c6 d0 3a 5d  35 7e 33 fc 43 de e5 bb
>  |RtY...:]5~3.C...|
> 00000010  31 a2 ca c1 30 ff 5a e7  fd 28 52 4a 3c 18 51 4b
>  |1...0.Z..(RJ<.QK|
> 00000020  93 1e 2e 7b 41 58 e2 79  58 b8 26 f4 a0 d2 11 22
>  |...{AX.yX.&...."|
> 00000030  4d bc 62 54 7c 59 5c 63  11 42 fe 88 00 87 c0 32
>  |M.bT|Y\c.B.....2|
> 00000040  c0 2e c0 2a c0 26 c0 0f  c0 05 00 9d 00 3d 00 35
>  |...*.&.......=.5|
> 00000050  00 84 c0 12 c0 08 c0 1c  c0 1b 00 16 00 13 c0 0d
>  |................|
> 00000060  c0 03 00 0a c0 2f c0 2b  c0 27 c0 23 c0 13 c0 09
>  |...../.+.'.#....|
> 00000070  c0 1f c0 1e 00 a2 00 9e  00 67 00 40 00 33 00 32  |.........g.@
> .3.2|
> 00000080  00 9a 00 99 00 45 00 44  c0 31 c0 2d c0 29 c0 25
>  |.....E.D.1.-.).%|
> 00000090  c0 0e c0 04 00 9c 00 3c  00 2f 00 96 00 41 00 07
>  |.......<./...A..|
> 000000a0  c0 11 c0 07 c0 0c c0 02  00 05 00 04 00 15 00 12
>  |................|
> 000000b0  00 09 00 14 00 11 00 08  00 06 00 03 00 ff 02 01
>  |................|
> 000000c0  00 01 32 00 0b 00 04 03  00 01 02 00 0a 00 34 00
>  |..2...........4.|
> 000000d0  32 00 0e 00 0d 00 19 00  0b 00 0c 00 18 00 09 00
>  |2...............|
> 000000e0  0a 00 16 00 17 00 08 00  06 00 07 00 14 00 15 00
>  |................|
> 000000f0  04 00 05 00 12 00 13 00  01 00 02 00 03 00 0f 00
>  |................|
> 00000100  10 00 11 00 23 00 00 00  0d 00 20 00 1e 06 01 06  |....#.....
> .....|
> 00000110  02 06 03 05 01 05 02 05  03 04 01 04 02 04 03 03
>  |................|
> 00000120  01 03 02 03 03 02 01 02  02 02 03 00 0f 00 01 01
>  |................|
> 00000130  00 15 00 c1 00 00 00 00  00 00 00 00 00 00 00 00
>  |................|
> 00000140  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00
>  |................|
> *
> 000001f0  00 00 00 00 00 5c c0 5d  c0 5e c0 5f c0 60 c0 61
>  |.....\.].^._.`.a|
> 00000200  c0 62 c0 63 c0 64 c0 65  c0 66 c0 67 c0 68 c0 69
>  |.b.c.d.e.f.g.h.i|
> 00000210  c0 6a c0 6b c0 6c c0 6d  c0 6e c0 6f c0 70 c0 71
>  |.j.k.l.m.n.o.p.q|
> 00000220  c0 72 c0 73 c0 74 c0 75  c0 76 c0 77 c0 78 c0 79
>  |.r.s.t.u.v.w.x.y|
> 00000230  c0 7a c0 7b c0 7c c0 7d  c0 7e c0 7f c0 80 c0 81
>  |.z.{.|.}.~......|
> <snip - a lot more, with CN and other cert into visible>
>
>   Can anyone confirm the openssl 1.0.1.g-1 fix against their arch server?
> The
> information I get back in response to heartbleed has been decrypted -- that
> leads me to believe the current openssl 1.0.1.g-1 may be suspect as well.
> Or am
> I looking at this wrong?
>
>   The ./heartbleed output that concerns me is:
>
> [ heartbleed leaked length=65535
>
>   However, each of the subsequent calls by ./heartbleed returned only
> ~16408,
> which if I understand correctly is the max that should be returned after
> the fix:
>
> [ heartbeat returned type=24 length=16408
> [ decrypting SSL packet
> [ final record type=24, length=16384
> [ wrote 16384 bytes of heap to file 'outph'
>
>   Is this the expected fixed behavior, or does this still reflect a
> vulnerability present? What say the experts? Thanks.
>
> --
> David C. Rankin, J.D.,P.E.
>

From heikobecker92 at gmail.com  Fri Apr 25 04:09:00 2014
From: heikobecker92 at gmail.com (Heiko Becker)
Date: Fri, 25 Apr 2014 10:09:00 +0200
Subject: [arch-general] pacman and keys
In-Reply-To: <53565360.8030703@xbra.de>
References: <53564C53.3080508@gmail.com> <53564EC9.2000704@xbra.de>
 <53564F8D.8090109@gmail.com> <53565360.8030703@xbra.de>
Message-ID: <535A181C.8010701@gmail.com>


On 22.04.2014 13:32, Maximilian Br?utigam wrote:
> Am 22.04.2014 13:16, schrieb Heiko Becker:
>> Am 22.04.2014 13:02, schrieb Heiko Becker:
>>>> Hey,
>>>>
>>>> today I tried to update my system and got errors related to my pacman
>>>> keys.
>>>>
>>>> As I have not been using my computer for a week I reinitialized the
>>>> pacman key database and downloaded the arch linux keys with pacman-key
>>>> --import archlinux.
>>>>
>>>> After that my libreoffice issues were solved, but now I get the
>>>> following error:
>>>>
>>>> error: jre7-openjdk-headless: signature from "Guillaume ALAUX
>>>> <guillaume at archlinux.org>" is invalid
>>>> :: File
>>>> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz
>>>> is
>>>> corrupted (invalid or corrupted package (PGP signature)).
>>>> Do you want to delete it? [Y/n] Y
>>>> error: failed to commit transaction (invalid or corrupted package)
>>>> Errors occurred, no packages were upgraded.
>>>>
>>>> Can someone help me out?
>>>>
>>>> Best regards,
>>>>
>>>> Heiko
>>>>
>>> Hi Heiko,
>>>
>>> did you try to remove and download the package again since it states
>>> that the package is corrupted?
>>>
>>> # rm
>>> /var/cache/pacman/pkg/jre7-openjdk-headless-7.u55_2.4.7-1-i686.pkg.tar.xz
>>> # pacman -Syu
>>>
>>> Best,
>>> Max
>> As my full package intergity got lost, I first deleted the complete
>> cache. And I always allowed it to remove the package when it asked for
>> it. But somehow it worked now.
>>
>> But now I get the following error when doing conflict checks:
>>
>> error: failed to commit transaction (conflicting files)
>> kdelibs: /usr/include/KDE/K3ListViewSearchLine exists in filesystem
>> kdelibs: /usr/include/KDE/K3ListViewSearchLineWidget exists in filesystem
>> kdelibs: /usr/include/KDE/K3MacroCommand exists in filesystem
>> kdelibs: /usr/include/KDE/K3MultipleDrag exists in filesystem
>> kdelibs: /usr/include/KDE/K3NamedCommand exists in filesystem
>> kdelibs: /usr/include/KDE/K3PopupMenu exists in filesystem
>> kdelibs: /usr/include/KDE/K3Process exists in filesystem
>> kdelibs: /usr/include/KDE/K3ProcessController exists in filesystem
>> kdelibs: /usr/include/KDE/K3RFCDate exists in filesystem
>> kdelibs: /usr/include/KDE/K3SpellConfig exists in filesystem
>> kdelibs: /usr/include/KDE/K3SpellDlg exists in filesystem
>> kdelibs: /usr/include/KDE/K3SpellingHighlighter exists in filesystem
>> kdelibs: /usr/include/KDE/K3StaticDeleterBase exists in filesystem
>> kdelibs: /usr/include/KDE/K3SyntaxHighlighter exists in filesystem
>> kdelibs: /usr/include/KDE/K3URLDrag exists in filesystem
>> kdelibs: /usr/include/KDE/K3Wizard exists in filesystem
>> kdelibs: /usr/include/KDE/KAboutPerson exists in filesystem
>> kdelibs: /usr/include/KDE/KAcceleratorManager exists in filesystem
>> kdelibs: /usr/include/KDE/KAction exists in filesystem
>> kdelibs: /usr/include/KDE/KActionMenu exists in filesystem
>> kdelibs: /usr/include/KDE/KActionSelector exists in filesystem
>> kdelibs: /usr/include/KDE/KAr exists in filesystem
>> kdelibs: /usr/include/KDE/KArchive exists in filesystem
>> kdelibs: /usr/include/KDE/KArchiveDirectory exists in filesystem
>> kdelibs: /usr/include/KDE/KArrowButton exists in filesystem
>> kdelibs: /usr/include/KDE/KAscii exists in filesystem
>> kdelibs: /usr/include/KDE/KAuth/Action exists in filesystem
>> kdelibs: /usr/include/KDE/KAuth/ActionReply exists in filesystem
>> kdelibs: /usr/include/KDE/KAuth/ActionWatcher exists in filesystem
>> kdelibs: /usr/include/KDE/KAuthorized exists in filesystem
>> kdelibs: /usr/include/KDE/KAutoMount exists in filesystem
>> kdelibs: /usr/include/KDE/KAutoSaveFile exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmark exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkAction exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkActionMenu exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkDialog exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkDomBuilder exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkGroupTraverser exists in filesystem
>> kdelibs: /usr/include/KDE/KBookmarkImporterBase exists in filesystem
>> Errors occurred, no packages were upgraded.
>>
>>
>> Heiko
>>
>>
>
> I do not know what when wrong here and you should wait for better help.
> But if you are willing to force pacman to upgrade then make a backup and try
>
> # pacman -S --force --asdeps kdelibs
>
> """
> --asdeps
>             Install packages non-explicitly; in other words, fake their
> install reason to be installed as a dependency. This is useful for
> makepkg and other build from source tools that need to install
>             dependencies before building the package.
>
> --force
>             Bypass file conflict checks and overwrite conflicting files.
> If the package that is about to be installed contains files that are
> already installed, this option will cause all those files to
>             be overwritten. Using --force will not allow overwriting a
> directory with a file or installing packages with conflicting files and
> directories. This option should be used with care, ideally
>             not at all.
> """
>
> Best,
> Max

Me again ...

Today I tried the update again. When using LANG=de_DE.UTF-8 everything 
runs as reported. When setting LANG=C before everything gets updated but 
I get some strange systemd errors on update:
( 6/64) upgrading systemd 
[--------------------------------------------------] 100%
Error, DATA expected but got 'OUI:008 7C*' in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, MATCH expected but got ' IDOOUI_FRO__DATABAQE=FIBERAOM, INC.' in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, DATA expected but got 'OUI:00(081*' in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, MATCH expected but got ' ID_OUI_FROM_DATABASE=KENDALL SQUARE 
RESEARCH CORP.' in '/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, DATA expected but got OUI:008"83*' in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, MATCH expected but got ' IDMOUI_FROM_DATABASE=AMDAHL' in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, DATA expected but got empty line in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, DATA expected but got 'OUI:008088*' in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, MATCH expected but got ' ID_OUI_FROM_DATABASE=VICTOR COMPANY OF 
JAPAN, LTD.' in '/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, DATA expected but got 'OUI:00808E*' in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, MATCH expected but got ' IDMOUI_FROO_DATABACE=RADSTONE 
TECHNOLOGY' in '/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, DATA expected but got empty line in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, key/value pair expected but got ' ID_OWI_FROM_FATABASE?Silex 
Tuchnologi, Inc.' in '/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, DATA expected but got 'OUI:00(095*' in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, MATCH expected but got ' ID_OUI_FROM_DATABASE=BASIC MERTON 
HANDELSGES.M.B.H.' in '/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, DATA expected but got empty line in 
'/usr/lib/udev/hwdb.d/20-OUI.hwdb':
Error, key/value pair expected but got ' ID_OUI_FROM_TATABASE?JUSTSYSFEM 
CORPORATION' in '/usr/lib/udev/hwdb.d/20-OUI.hwdb':

Is this worth a bug report?

Best regards,

Heiko


From enwukaer at gmail.com  Fri Apr 25 04:15:13 2014
From: enwukaer at gmail.com (Nowaker)
Date: Fri, 25 Apr 2014 10:15:13 +0200
Subject: [arch-general] Does openssl 1.0.1.g-1 close the heartbleed
	exploit?
In-Reply-To: <535A1193.6060708@suddenlinkmail.com>
References: <535A1193.6060708@suddenlinkmail.com>
Message-ID: <535A1991.1030405@gmail.com>

>    I was testing my boxes after updating to openssl 1.0.1.g-1 with heartbleed.c
> and I am still able to grab and decrypt ssl packets.

Most probably you didn't restart the services that link to openssl.

lsof +c 0 | grep -w DEL | awk '1 { print $1 ": " $NF }' | grep libssl | 
sort -u

https://mailman.archlinux.org/pipermail/arch-general/2014-April/035824.html

-- 
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu

From linux at zuik.net  Fri Apr 25 08:25:12 2014
From: linux at zuik.net (Wayne S)
Date: Fri, 25 Apr 2014 08:25:12 -0400
Subject: [arch-general] PPPoE broken on upload
In-Reply-To: <53564509.4050107@xs4all.nl>
References: <201404220050.s3M0oSX1001048@mxdrop161.xs4all.nl>
 <53564509.4050107@xs4all.nl>
Message-ID: <mailman.4.1398428722.3660.arch-general@archlinux.org>

At 4/22/2014 06:31 AM, Lone Wolf wrote:
>On 22-04-14 02:49, Wayne S wrote:
>>
>>Recent updates have caused problems with my PPPoE FIOS link. The upload speed has been reduced to near zero.
>>
>>I "was" using arch linux box as a firewall router. I have a verizon fios connection that still uses the old pppoe. Recently the pppoe connection upload bandwidth went down to < 50kbps (normally it is >25Mbps), however the download bandwidth is still around 58Mbps.
>>
>>There was a recent thread about recompiling PPP to 2.4.6, however, whatever this change did in recent updates, has broken my router PPP connection upload speed.

>What was the previous version of ppp that did work ?

The previous pppd that worked was probably 2.4.5, but I have not kept accurate records of when the problem started. Or it may have been 2.4.6 and just the recent update broke ppp.

It is not hardware related as I tested on two systems with different ethernet nics.

I was curious about the thread back in Feburary relating to PPP
https://mailman.archlinux.org/pipermail/arch-general/2014-February/035128.html
and if those changes from testing in february have now broken ppp in recent releases?

>>During boot pppd 2.4.6 is started and the message RP-PPPoE plugin version 3.8d compiled against pppd 2.4.6. I see no errors.
>latest rp-ppoe version in repos is 3.11.5 , have you tried with that version ?

I have the latest rp-pppoe 3.11.5 and it makes no difference other than it says "3.8p compiled against pppd 2.4.6" during boot.

>Was the new arch based fw router a fresh install, or an existing system ?

Firewall was existing system, which had been running fine since august 2013. Only a recent update broke pppoe.

I have now switched the router to ubuntu server 14.04 and am back to 60Mbps download and 30Mbps upload speed. The previous upload was so slow just simple browsing would hang.

Wayne




From daniel.petre at gmail.com  Fri Apr 25 08:26:39 2014
From: daniel.petre at gmail.com (Daniel Petre)
Date: Fri, 25 Apr 2014 15:26:39 +0300
Subject: [arch-general] PPPoE broken on upload
In-Reply-To: <535a543b.8420e00a.43f1.7eb9SMTPIN_ADDED_MISSING@mx.google.com>
References: <201404220050.s3M0oSX1001048@mxdrop161.xs4all.nl>
 <53564509.4050107@xs4all.nl>
 <535a543b.8420e00a.43f1.7eb9SMTPIN_ADDED_MISSING@mx.google.com>
Message-ID: <535A547F.6050902@gmail.com>

On 25/04/14 15:25, Wayne S wrote:
> At 4/22/2014 06:31 AM, Lone Wolf wrote:
>> On 22-04-14 02:49, Wayne S wrote:
>>>
>>> Recent updates have caused problems with my PPPoE FIOS link. The upload speed has been reduced to near zero.
>>>
>>> I "was" using arch linux box as a firewall router. I have a verizon fios connection that still uses the old pppoe. Recently the pppoe connection upload bandwidth went down to < 50kbps (normally it is >25Mbps), however the download bandwidth is still around 58Mbps.
>>>
>>> There was a recent thread about recompiling PPP to 2.4.6, however, whatever this change did in recent updates, has broken my router PPP connection upload speed.
>
>> What was the previous version of ppp that did work ?
>
> The previous pppd that worked was probably 2.4.5, but I have not kept accurate records of when the problem started. Or it may have been 2.4.6 and just the recent update broke ppp.
>
> It is not hardware related as I tested on two systems with different ethernet nics.
>
> I was curious about the thread back in Feburary relating to PPP
> https://mailman.archlinux.org/pipermail/arch-general/2014-February/035128.html
> and if those changes from testing in february have now broken ppp in recent releases?
>
>>> During boot pppd 2.4.6 is started and the message RP-PPPoE plugin version 3.8d compiled against pppd 2.4.6. I see no errors.
>> latest rp-ppoe version in repos is 3.11.5 , have you tried with that version ?
>
> I have the latest rp-pppoe 3.11.5 and it makes no difference other than it says "3.8p compiled against pppd 2.4.6" during boot.
>
>> Was the new arch based fw router a fresh install, or an existing system ?
>
> Firewall was existing system, which had been running fine since august 2013. Only a recent update broke pppoe.
>
> I have now switched the router to ubuntu server 14.04 and am back to 60Mbps download and 30Mbps upload speed. The previous upload was so slow just simple browsing would hang.
>
> Wayne
>
>
>

Hello,
with 3.14.1 i get like 1 Mbit/s upload, with linux-lts (3.0.37) i have 
it as usual at ~ 90 Mbit/s ..

From thiagoperrotta95 at gmail.com  Fri Apr 25 09:18:47 2014
From: thiagoperrotta95 at gmail.com (Thiago Barroso Perrotta)
Date: Fri, 25 Apr 2014 10:18:47 -0300
Subject: [arch-general] Android support in Linux Arch
In-Reply-To: <CAOMFOmVX7b15ryach0SM+tdKC5drdT4i043NtUPLMsXsDEcsEQ@mail.gmail.com>
References: <CAOMFOmX0Qg29UBCXAv+6WFsnyYW6SLM=fwAVjcH-PPb-6VDXeA@mail.gmail.com>
 <CAOMFOmVX7b15ryach0SM+tdKC5drdT4i043NtUPLMsXsDEcsEQ@mail.gmail.com>
Message-ID: <CABOtWurwcA-eO3Aw_yKR7ZAiyhfuJxwEDhocFxtEMZ6BnCLMyQ@mail.gmail.com>

Hello,

Yeah, android-udev would be useful in [community]. And what do you think
about moving android-sdk too?

I personally also find more useful to get updates about Android tools from
it rather than using any package managers or aur pkgbuilds.

/opt could still be its install location.

All the best,

Sent from my Android
On Apr 23, 2014 1:28 PM, "Anatol Pomozov" <anatol.pomozov at gmail.com> wrote:

> Hi,
>
> As there is no strong consensus on what to do with Android development
> tools then I am going to leave the situation as-is. Arch users will
> keep either installing the packages using Android installer or by AUR
> packages.
>
> I am going to move packages android-tool and android-udev to
> [community]. These are small packages that many people find useful.
>

From drankinatty at suddenlinkmail.com  Fri Apr 25 09:46:29 2014
From: drankinatty at suddenlinkmail.com (David C. Rankin)
Date: Fri, 25 Apr 2014 08:46:29 -0500
Subject: [arch-general] Does openssl 1.0.1.g-1 close the heartbleed
	exploit?
In-Reply-To: <CAHntV0CLWW26kPNtcHeYgqnVSyp1MW8JxDUsMCGaTP=vdVzbgw@mail.gmail.com>
References: <535A1193.6060708@suddenlinkmail.com>
 <CAHntV0CLWW26kPNtcHeYgqnVSyp1MW8JxDUsMCGaTP=vdVzbgw@mail.gmail.com>
Message-ID: <535A6735.6080209@suddenlinkmail.com>

On 04/25/2014 02:47 AM, Guus Snijders wrote:
> Probably a stupid question, but you did restart the affected daemons (or
> system) after the update?
> Otherwise, they'll be using the old lib.
> 
> mvg, Guus

No question too stupid -- I had not. (I knew better...)

Thanks, Sorry for the noise.

-- 
David C. Rankin, J.D.,P.E.

From mx34567 at gmail.com  Fri Apr 25 13:26:12 2014
From: mx34567 at gmail.com (Maciej Puzio)
Date: Fri, 25 Apr 2014 12:26:12 -0500
Subject: [arch-general] Comment on: Use systemd timers instead of
 /etc/cron.{hourly, daily, weekly, monthly}?
In-Reply-To: <5359396D.6070407@archlinux.org>
References: <CACH_MLXUXM36YiLcd=v_ym+Ac4+KW+Kz=_SX6K+Fuhp_fj5EEw@mail.gmail.com>
 <5359396D.6070407@archlinux.org>
Message-ID: <CACH_MLXCmq+VV2EK+bgn+L+6gJiy-iMmfC+VK1iEmdy0b-yaPg@mail.gmail.com>

> This is supposed to be handled by the AccuracySec=, which is supposed to
> schedule timers at random times within the specified interval (in our
> case, 12h). I have no idea why this doesn't work, it's definitely worth
> looking into.

So far, I have seen all timers elapsing around midnight. But once I
saw that, I quickly reverted to cron setup. One machine hasn't been
updated yet, I will do it next week and perform more testing.

But anyway, even if timers were spread between midnight and noon, this
is hardly ideal either. Servers running maintenance tasks at
unpredictable times, including work hours, is not really what I want
to see. I can live with randomness or without it, but I would like
more control over when things are happening, as had been possible with
cron.

I  submitted request for enhancement to systemd bug tracker. The link is:
https://bugs.freedesktop.org/show_bug.cgi?id=77938

However, now I started to worry about AccuracySec=12h. Even if systemd
maintainers implement a way to customize timer elapse time (as I
proposed in RFE), the long period in AccuracySec will then become a
problem.

Thanks
Maciej Puzio

From sugar.and.scruffy at gmail.com  Fri Apr 25 13:39:25 2014
From: sugar.and.scruffy at gmail.com (Curtis Shimamoto)
Date: Fri, 25 Apr 2014 10:39:25 -0700
Subject: [arch-general] pacman and keys
In-Reply-To: <535A181C.8010701@gmail.com>
References: <53564C53.3080508@gmail.com> <53564EC9.2000704@xbra.de>
 <53564F8D.8090109@gmail.com> <53565360.8030703@xbra.de>
 <535A181C.8010701@gmail.com>
Message-ID: <20140425173925.GA20827@thinkpad.home.lan>

On 04/25/14 at 10:09am, Heiko Becker wrote:
> Me again ...
> 
> Today I tried the update again. When using LANG=de_DE.UTF-8 everything runs
> as reported. When setting LANG=C before everything gets updated but I get
> some strange systemd errors on update:
 
 Why would you try to use LANG=C?  That is asking for trouble.

 See FS#36670. The bug report is about mkinitcpio, but the comments
 regarding locale are relevant here.

-- 
Curtis Shimamoto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140425/b06ea269/attachment.asc>

From p2pnet10 at gmail.com  Fri Apr 25 16:38:15 2014
From: p2pnet10 at gmail.com (pplive)
Date: Fri, 25 Apr 2014 16:38:15 -0400
Subject: [arch-general] Using Wayland/Weston in ArchLinux
Message-ID: <CAM5yXHeeDAsnYgnJi3f8K6UO=oE_Pm4sBs_47=a2UGG9cOtAhg@mail.gmail.com>

Dear all,

I have installed ArchLinux on a virtual machine hosted by my
VirtualBox. The desktop I picked is enlightenment

I have also installed wayland/weston by pacman.

I tried to play with weston according to the following page:

https://wiki.archlinux.org/index.php/wayland

If I just run weston, I can create a window, and I can configure the
height/width of the window.

However, when I tried "weston-launch", there is an error message

"weston-launch must be run from a virtual terminal"

When I tried "weston-flower", the error information is as follows:
"error: XDG_RUNTIME_DIR not set in the environment.
failed to connect to Wayland display: NO such file or directory
failed to create display: No such file or directory"

Did I miss something? Can somebody provide me some hints?

Thanks so much!

Best regards,
Alex

From krejzi at email.com  Fri Apr 25 16:55:47 2014
From: krejzi at email.com (Armin K.)
Date: Fri, 25 Apr 2014 22:55:47 +0200
Subject: [arch-general] Using Wayland/Weston in ArchLinux
In-Reply-To: <CAM5yXHeeDAsnYgnJi3f8K6UO=oE_Pm4sBs_47=a2UGG9cOtAhg@mail.gmail.com>
References: <CAM5yXHeeDAsnYgnJi3f8K6UO=oE_Pm4sBs_47=a2UGG9cOtAhg@mail.gmail.com>
Message-ID: <535ACBD3.6020104@email.com>

On 04/25/2014 10:38 PM, pplive wrote:
> Dear all,
> 
> I have installed ArchLinux on a virtual machine hosted by my
> VirtualBox. The desktop I picked is enlightenment
> 
> I have also installed wayland/weston by pacman.
> 
> I tried to play with weston according to the following page:
> 
> https://wiki.archlinux.org/index.php/wayland
> 
> If I just run weston, I can create a window, and I can configure the
> height/width of the window.
> 
> However, when I tried "weston-launch", there is an error message
> 
> "weston-launch must be run from a virtual terminal"
> 

As the message says, it must be run from a VT (tty). Since you're using
VBox, you won't be able to run it from VT with standard configuration.
VBox doesn't have proper graphics stack for that. fbdev backend works though

weston-launch -- --backend=fbdev-backend.so

> When I tried "weston-flower", the error information is as follows:
> "error: XDG_RUNTIME_DIR not set in the environment.
> failed to connect to Wayland display: NO such file or directory
> failed to create display: No such file or directory"
> 

No compositor (weston) running in the session you are starting
weston-flower from?

XDG_RUNTIME_DIR should be set by systemd at login.

> Did I miss something? Can somebody provide me some hints?
> 
> Thanks so much!
> 
> Best regards,
> Alex
> 


-- 
Note: My last name is not Krejzi.

From schaefer at trilug.org  Fri Apr 25 17:19:04 2014
From: schaefer at trilug.org (Carl Schaefer)
Date: Fri, 25 Apr 2014 17:19:04 -0400
Subject: [arch-general] Comment on: Use systemd timers instead of
 /etc/cron.{hourly, daily, weekly, monthly}?
In-Reply-To: <CACH_MLXCmq+VV2EK+bgn+L+6gJiy-iMmfC+VK1iEmdy0b-yaPg@mail.gmail.com>
References: <CACH_MLXUXM36YiLcd=v_ym+Ac4+KW+Kz=_SX6K+Fuhp_fj5EEw@mail.gmail.com>
 <5359396D.6070407@archlinux.org>
 <CACH_MLXCmq+VV2EK+bgn+L+6gJiy-iMmfC+VK1iEmdy0b-yaPg@mail.gmail.com>
Message-ID: <1398460744.3575.124.camel@wot>

It seems to me that, compared to cron/anacron, systemd timers currently
offer reduced functionality and no clear benefit (I don't consider the
act of uninstalling cron to have significant value in itself).  Losing
the ability to control when jobs run is giving up a lot; without that,
the more use is made of systemd timers, the more unpredictable the
results will be.

Perhaps I'm missing something, because I don't fully understand all the
points Thomas raised last month in his proposal on arch-dev-public:

> Pros:
> * enabled by default (in contrast to cronie)
> * systems without need for crontabs can disable/uninstall cron
> * service will be simpler than the rather long dropin scripts
> 
> Cons:
> * services are run in parallel instead of sequentially (is this even a
>   con? timer start will be randomized, and we can increase accuracy to an
>   hour to randomize even more)
> * no holdoff time after boot as it seems

pro#3 is a mystery to me, and missing from the "con" list is the point
Maciej raised about the effect random timer jobs can have on busy
servers.

If this ship is already sailing, though, the goal should be to add
functionality to systemd timers so that it becomes a real replacement
for cron, e.g. allow execution windows to be defined, jobs placed within
these windows, and scheduling parameters like acceptable degrees of
parallelism to be specified.  Something like that could be more powerful
and flexible than cron, and potentially easier to manage than a set of
crontabs.  Does anyone know if the systemd timers roadmap includes
anything like this?
Carl

From karol.blazewicz at gmail.com  Fri Apr 25 17:35:27 2014
From: karol.blazewicz at gmail.com (Karol Blazewicz)
Date: Fri, 25 Apr 2014 23:35:27 +0200
Subject: [arch-general] couchdb still at 1.5.0-2 even though it has been
 updated to 1.5.1-1 two weeks ago.
Message-ID: <CAO0v=MOuO3cBDC+MxDp9teu1MiEzW9fvZvONoJckyXOTCjXN0g@mail.gmail.com>

couchdb is still at 1.5.0-2 even though it has been updated to 1.5.1-1
two weeks ago.
https://projects.archlinux.org/svntogit/community.git/log/trunk?h=packages/couchdb
https://www.archlinux.org/packages/community/x86_64/couchdb/

Is something stuck? Did I miss something?

From lisaev at umail.iu.edu  Fri Apr 25 18:38:31 2014
From: lisaev at umail.iu.edu (Leonid Isaev)
Date: Fri, 25 Apr 2014 17:38:31 -0500
Subject: [arch-general] Comment on: Use systemd timers instead of
 /etc/cron.{hourly, daily, weekly, monthly}?
In-Reply-To: <1398460744.3575.124.camel@wot>
References: <CACH_MLXUXM36YiLcd=v_ym+Ac4+KW+Kz=_SX6K+Fuhp_fj5EEw@mail.gmail.com>
 <5359396D.6070407@archlinux.org>
 <CACH_MLXCmq+VV2EK+bgn+L+6gJiy-iMmfC+VK1iEmdy0b-yaPg@mail.gmail.com>
 <1398460744.3575.124.camel@wot>
Message-ID: <20140425173831.2e116300@bluemoon>

On Fri, 25 Apr 2014 17:19:04 -0400
Carl Schaefer <schaefer at trilug.org> wrote:

> It seems to me that, compared to cron/anacron, systemd timers currently
> offer reduced functionality and no clear benefit (I don't consider the
> act of uninstalling cron to have significant value in itself).

But then again, you don't maintain the cron package...

> Losing
> the ability to control when jobs run is giving up a lot; without that,
> the more use is made of systemd timers, the more unpredictable the
> results will be.

See systemd.timer(5) manpage. The timer configuration _should be_ one-to-one
equivalent to a crontab, except for a different syntax...

> 
> Perhaps I'm missing something, because I don't fully understand all the
> points Thomas raised last month in his proposal on arch-dev-public:
> 
> > Pros:
> > * enabled by default (in contrast to cronie)
> > * systems without need for crontabs can disable/uninstall cron
> > * service will be simpler than the rather long dropin scripts
> > 
> > Cons:
> > * services are run in parallel instead of sequentially (is this even a
> >   con? timer start will be randomized, and we can increase accuracy to an
> >   hour to randomize even more)
> > * no holdoff time after boot as it seems
> 
> pro#3 is a mystery to me,

Just compare {man-db,logrotate,updatedb}.service files with the corresponding
scripts in cron.daily...

> and missing from the "con" list is the point
> Maciej raised about the effect random timer jobs can have on busy
> servers.

So far, I have seen only (minor) inconveniences associated with switching to
the timers, which essentially have to do with system(d) startup time. Notice
that these issues will not be visible on servers because there systemd's
parallellization of the boot process is irrelevant.

The timer jobs are niced to 19 so if the server is busy they should wait, no?

> 
> If this ship is already sailing, though, the goal should be to add
> functionality to systemd timers so that it becomes a real replacement
> for cron, e.g. allow execution windows to be defined, jobs placed within
> these windows, and scheduling parameters like acceptable degrees of
> parallelism to be specified.  Something like that could be more powerful
> and flexible than cron, and potentially easier to manage than a set of
> crontabs.  Does anyone know if the systemd timers roadmap includes
> anything like this?

Ask this on [systemd-devel].

Cheers,
L.

-- 
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6  20DF 9291 EE8A 043C B8C4
                  C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140425/52122954/attachment.asc>

From schaefer at trilug.org  Fri Apr 25 20:32:37 2014
From: schaefer at trilug.org (Carl Schaefer)
Date: Fri, 25 Apr 2014 20:32:37 -0400
Subject: [arch-general] Comment on: Use systemd timers instead of
 /etc/cron.{hourly, daily, weekly, monthly}?
In-Reply-To: <20140425173831.2e116300@bluemoon>
References: <CACH_MLXUXM36YiLcd=v_ym+Ac4+KW+Kz=_SX6K+Fuhp_fj5EEw@mail.gmail.com>
 <5359396D.6070407@archlinux.org>
 <CACH_MLXCmq+VV2EK+bgn+L+6gJiy-iMmfC+VK1iEmdy0b-yaPg@mail.gmail.com>
 <1398460744.3575.124.camel@wot> <20140425173831.2e116300@bluemoon>
Message-ID: <1398472357.3575.147.camel@wot>

> > Losing
> > the ability to control when jobs run is giving up a lot; without that,
> > the more use is made of systemd timers, the more unpredictable the
> > results will be.
> 
> See systemd.timer(5) manpage. The timer configuration _should be_ one-to-one
> equivalent to a crontab, except for a different syntax...

thanks, the description of the OnCalendar syntax is actually in
systemd.time(7), and I'd missed it.  It does look like an improvement
over the crontab file syntax in readability, at least.

> > > * service will be simpler than the rather long dropin scripts
> > > 
> Just compare {man-db,logrotate,updatedb}.service files with the corresponding
> scripts in cron.daily...

if there's a complex script in cron.daily, I'd expect the service file
would have to invoke a similar script to do the same work.

> > and missing from the "con" list is the point
> > Maciej raised about the effect random timer jobs can have on busy
> > servers.
> 
> The timer jobs are niced to 19 so if the server is busy they should wait, no?

that sounds like a reasonable assumption, but based on the problem
report it may not be true.

thanks!
Carl

From schnouki at schnouki.net  Mon Apr 28 03:21:52 2014
From: schnouki at schnouki.net (Thomas Jost)
Date: Mon, 28 Apr 2014 09:21:52 +0200
Subject: [arch-general] couchdb still at 1.5.0-2 even though it has been
	updated to 1.5.1-1 two weeks ago.
In-Reply-To: <CAO0v=MOuO3cBDC+MxDp9teu1MiEzW9fvZvONoJckyXOTCjXN0g@mail.gmail.com>
References: <CAO0v=MOuO3cBDC+MxDp9teu1MiEzW9fvZvONoJckyXOTCjXN0g@mail.gmail.com>
Message-ID: <871twhdilr.fsf@schnouki.net>

Le 25 avril 2014 ? 23:35 CEST, Karol Blazewicz
<karol.blazewicz at gmail.com> a ?crit :
> couchdb is still at 1.5.0-2 even though it has been updated to 1.5.1-1
> two weeks ago.
> https://projects.archlinux.org/svntogit/community.git/log/trunk?h=packages/couchdb
> https://www.archlinux.org/packages/community/x86_64/couchdb/
>
> Is something stuck? Did I miss something?

1.5.1 was in the repos at some point, but 1.5.0 was quickly restored. In
my experience, 1.5.1 did not even start with systemctl when running
erlang-nox 17.0, and I had to manually downgrade to 1.5.0.

Currently there is activity in the CouchDB world about Erlang 17.0
support (https://issues.apache.org/jira/browse/COUCHDB-2200); this is
probably related.

But yeah, it would have been nice to annouce that on an Arch ML.

Cheers,
-- 
Thomas/Schnouki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140428/1c7fb964/attachment.asc>

From azuri at free.fr  Mon Apr 28 10:45:47 2014
From: azuri at free.fr (azuri at free.fr)
Date: Mon, 28 Apr 2014 16:45:47 +0200 (CEST)
Subject: [arch-general] Gnome 3.12 and password keyring
In-Reply-To: <1622451171.286638018.1397823105214.JavaMail.root@zimbra24-e5.priv.proxad.net>
Message-ID: <1629134513.315410692.1398696347033.JavaMail.root@zimbra24-e5.priv.proxad.net>

Hello,

Since my switch to gnome 3.12, I have a problem with the
"Passwordless login trick" [1].

I have added "auth sufficient pam_succeed_if.so user ingroup nopasswdlogin"
to /etc/pam.d/gdm-password.

With previous versions of gnome, when I launched evolution (for example),
as gnome-keyring wasn't unlock, I had a dialog asking for the password.

In 3.12, that dialog does not open and so evolution can't retrieve my mails
(same with epiphany that can't save passwords).

I have removed the line and it works fine, but I really prefer passwordless
logins (especially when switching between users or after idle!)

Do you have a clue what has changed and where I could look at?

Thanks,

[1] https://wiki.archlinux.org/index.php/GDM#Passwordless_login

From maykeldebian at gmail.com  Tue Apr 29 11:13:41 2014
From: maykeldebian at gmail.com (Maykel Franco)
Date: Tue, 29 Apr 2014 17:13:41 +0200
Subject: [arch-general] Error in wireshark-gtk2 in show interfaces for
	capture
In-Reply-To: <534829D7.4010702@gmail.com>
References: <CAJ2aOA_AxO5oouUtXAzFotdBxTtw81S2igK15LqiVL3xPcJVwA@mail.gmail.com>
 <534829D7.4010702@gmail.com>
Message-ID: <CAJ2aOA_EhfNoY6bWWtJH90P76hWSfwKpujD5+XkJGNy6yNudrQ@mail.gmail.com>

2014-04-11 19:43 GMT+02:00 Kyle Terrien <kyleterrien at gmail.com>:
> On 04/10/2014 05:04 AM, Maykel Franco wrote:
>> Hi, I have installed wireshark-gtk2. But when go to Capture/Interfaces
>> I get this error:
>>
>> There are no interfaces on which a capture can be done.
>>
>> I follow this steps:
>>
>> Setting network privileges for dumpcap
>>
>> 1. Ensure your linux kernel and filesystem supports File Capabilities
>> and also you have installed necessary tools.
>>
>> 2. "setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap"
>>
>> 3. Start Wireshark as non-root and ensure you see the list of
>> interfaces and can do live capture.
>>
>> Limiting capture permission to only one group
>>
>> 1. Create user "wireshark" in group "wireshark".
>>
>> 2. "chgrp wireshark /usr/bin/dumpcap"
>>
>> 3. chmod 754 /usr/bin/dumpcap
>>
>> 4. "setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap"
>>
>> 5. Ensure Wireshark works only from root and from a user in the
>> "wireshark" group
>>
>>
>> Thanks in advanced.
>>
>
> That's strange. This is the same error that appears when running
> wireshark as a user not assigned to the wireshark group.
>
> The only configuration I had to do was add myself to the wireshark group
> (which wireshark-gtk2 created):
>
> # gpasswd -a kyle wireshark
>
> This is according to the instructions on the wiki [1].
>
> Here is some information on how dumpcap is installed on my box:
>
>> kyle at landru ~ $ ls -la /usr/bin/dumpcap
>> -rwxr-xr-- 1 root wireshark 85648 Apr 10 12:45 /usr/bin/dumpcap
>> kyle at landru ~ $ getcap /usr/bin/dumpcap
>> /usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
>> kyle at landru ~ $ stat /usr/bin/dumpcap
>>   File: ?/usr/bin/dumpcap?
>>   Size: 85648         Blocks: 168        IO Block: 4096   regular file
>> Device: 801h/2049d    Inode: 1069550     Links: 1
>> Access: (0754/-rwxr-xr--)  Uid: (    0/    root)   Gid: (  150/wireshark)
>> Access: 2014-04-11 10:35:22.830667985 -0700
>> Modify: 2014-04-10 12:45:35.000000000 -0700
>> Change: 2014-04-11 10:35:11.947230948 -0700
>>  Birth: -
>> kyle at landru ~ $ lsattr /usr/bin/dumpcap
>> -------------e-- /usr/bin/dumpcap
>> kyle at landru ~ $ pacman -Qo /usr/bin/dumpcap
>> /usr/bin/dumpcap is owned by wireshark-gtk2 1.10.6-1
>> kyle at landru ~ $
>
> --Kyle
>
> [1]: https://wiki.archlinux.org/index.php/Wireshark
>

After reboot the system archlinux, wireshark show the interfaces.

Thanks for all.

From csupercomputergeek at gmail.com  Tue Apr 29 18:06:43 2014
From: csupercomputergeek at gmail.com (Toyam Cox)
Date: Tue, 29 Apr 2014 18:06:43 -0400
Subject: [arch-general] Optimizing boot
Message-ID: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>

Hello,

I want to have a sub-30 second boot time, so as to make it possible for me
to power down my computer and power back up at a moment's notice. Right
now, I have a (according to my watch) ~35 second boot time. I used
systemd-analyze, and discovered that NetworkManager.service is running for
12 seconds of that time! Also, polkit.service runs quite a while after
everything else, but that is less important.

How do I optimize NetworkManager.service to shorten boot times, especially
as I don't need a network first-thing?

-- 
- Toyam

From jan.steffens at gmail.com  Tue Apr 29 18:17:53 2014
From: jan.steffens at gmail.com (Jan Alexander Steffens)
Date: Wed, 30 Apr 2014 00:17:53 +0200
Subject: [arch-general] Optimizing boot
In-Reply-To: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
Message-ID: <CAMQ-g0cJbFUtU3E0YnuNXkAmgbCCAcsaLvq5F_H_QKp3GHi-hA@mail.gmail.com>

On Wed, Apr 30, 2014 at 12:06 AM, Toyam Cox
<csupercomputergeek at gmail.com> wrote:
> Hello,
>
> I want to have a sub-30 second boot time, so as to make it possible for me
> to power down my computer and power back up at a moment's notice. Right
> now, I have a (according to my watch) ~35 second boot time. I used
> systemd-analyze, and discovered that NetworkManager.service is running for
> 12 seconds of that time! Also, polkit.service runs quite a while after
> everything else, but that is less important.
>
> How do I optimize NetworkManager.service to shorten boot times, especially
> as I don't need a network first-thing?
>
> --
> - Toyam

Are you using a display manager? If not (getty), add a snippet for
getty at .service to use Type=simple instead of Type=idle (making it
start ASAP) and add "quiet" to the kernel command line so boot
messages are suppressed. This will allow you to log in with getty
while the system is still booting.

From csupercomputergeek at gmail.com  Tue Apr 29 18:28:42 2014
From: csupercomputergeek at gmail.com (Toyam Cox)
Date: Tue, 29 Apr 2014 18:28:42 -0400
Subject: [arch-general] Optimizing boot
In-Reply-To: <CAMQ-g0cJbFUtU3E0YnuNXkAmgbCCAcsaLvq5F_H_QKp3GHi-hA@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <CAMQ-g0cJbFUtU3E0YnuNXkAmgbCCAcsaLvq5F_H_QKp3GHi-hA@mail.gmail.com>
Message-ID: <CACLfeX_Pae7yGU8S-KNSB+AFOsp+G-knbsR5DNeLxgCYZjUKVQ@mail.gmail.com>

On Tue, Apr 29, 2014 at 6:17 PM, Jan Alexander Steffens <
jan.steffens at gmail.com> wrote:

> On Wed, Apr 30, 2014 at 12:06 AM, Toyam Cox
> <csupercomputergeek at gmail.com> wrote:
> > Hello,
> >
> > I want to have a sub-30 second boot time, so as to make it possible for
> me
> > to power down my computer and power back up at a moment's notice. Right
> > now, I have a (according to my watch) ~35 second boot time. I used
> > systemd-analyze, and discovered that NetworkManager.service is running
> for
> > 12 seconds of that time! Also, polkit.service runs quite a while after
> > everything else, but that is less important.
> >
> > How do I optimize NetworkManager.service to shorten boot times,
> especially
> > as I don't need a network first-thing?
> >
> > --
> > - Toyam
>
> Are you using a display manager? If not (getty), add a snippet for
> getty at .service to use Type=simple instead of Type=idle (making it
> start ASAP) and add "quiet" to the kernel command line so boot
> messages are suppressed. This will allow you to log in with getty
> while the system is still booting.
>


I'm using LXDM, my attempt to be lightweight with a GUI. Would Type=simple
still work with LXDM? I notice it starts relatively soon in the boot
process, meaning I'd need to figure out getting polkit to start even
sooner, but is it an option?

-- 
- Toyam

From tk at kyriasis.com  Tue Apr 29 18:58:43 2014
From: tk at kyriasis.com (Tomasz Kramkowski)
Date: Tue, 29 Apr 2014 23:58:43 +0100
Subject: [arch-general] Optimizing boot
In-Reply-To: <CACLfeX_Pae7yGU8S-KNSB+AFOsp+G-knbsR5DNeLxgCYZjUKVQ@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <CAMQ-g0cJbFUtU3E0YnuNXkAmgbCCAcsaLvq5F_H_QKp3GHi-hA@mail.gmail.com>
 <CACLfeX_Pae7yGU8S-KNSB+AFOsp+G-knbsR5DNeLxgCYZjUKVQ@mail.gmail.com>
Message-ID: <20140429225843.GA14845@arch>

On Tue, Apr 29, 2014 at 06:28:42PM -0400, Toyam Cox wrote:
> On Tue, Apr 29, 2014 at 6:17 PM, Jan Alexander Steffens <
> jan.steffens at gmail.com> wrote:
> 
> > On Wed, Apr 30, 2014 at 12:06 AM, Toyam Cox
> > <csupercomputergeek at gmail.com> wrote:
> > > Hello,
> > >
> > > I want to have a sub-30 second boot time, so as to make it possible for
> > me
> > > to power down my computer and power back up at a moment's notice. Right
> > > now, I have a (according to my watch) ~35 second boot time. I used
> > > systemd-analyze, and discovered that NetworkManager.service is running
> > for
> > > 12 seconds of that time! Also, polkit.service runs quite a while after
> > > everything else, but that is less important.
> > >
> > > How do I optimize NetworkManager.service to shorten boot times,
> > especially
> > > as I don't need a network first-thing?
> > >
> > > --
> > > - Toyam
> >
> > Are you using a display manager? If not (getty), add a snippet for
> > getty at .service to use Type=simple instead of Type=idle (making it
> > start ASAP) and add "quiet" to the kernel command line so boot
> > messages are suppressed. This will allow you to log in with getty
> > while the system is still booting.
> >
> 
> 
> I'm using LXDM, my attempt to be lightweight with a GUI. Would Type=simple
> still work with LXDM? I notice it starts relatively soon in the boot
> process, meaning I'd need to figure out getting polkit to start even
> sooner, but is it an option?
> 
> -- 
> - Toyam

LXDM is separate from getty. Getty runs on a TTY and prompts the user for a
username. LXDM is a display manager, it runs on the X server and also prompts
the user for a username and password. I doubt changing settings for one will
affect the other. (Even though getty should by default run on all 6 initially
available TTYs. Correct me if I'm wrong.)

If you really want to speed up boot times you might want to consider cutting
down on the Display Manager as it is not essential to using a DE/WM with X
server. But in the end, because LXDM is supposedly so lightweight, and I
presume that you count starting X and running a DE/WM a part of the boot
process, you might not get any speed advantage.

In the end, it really is a matter of what you consider a "booted" machine. I
can get from halted and powered off to getty in under or around 20 seconds, a
few seconds to log in, a few more for X server and under a second for i3wm (Yes
it's lightning speed.) and I can be "booted" into a graphical environment in
around 30 seconds.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140429/85e401c2/attachment.asc>

From simon.brand at postadigitale.de  Tue Apr 29 19:20:04 2014
From: simon.brand at postadigitale.de (Simon Brand)
Date: Wed, 30 Apr 2014 01:20:04 +0200
Subject: [arch-general] Optimizing boot
In-Reply-To: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
Message-ID: <536033A4.6000401@postadigitale.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Am 30.04.2014 00:06, schrieb Toyam Cox:
> NetworkManager.service is running for 12 seconds

Can you use static ip address in your network?
The dhcp client did eat a lot of time here, too.
9 sec boot here without cryptsetup and static ip.
Server needs 20 sec without ssd, 15 sec for dhcpcd, mysql and php-fpm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iF4EAREIAAYFAlNgM6AACgkQkr64biT2RYQ/8gD/RL1Yz7oScI3k5PFQ6OuBfzf/
ZUJ1LEU5DYPLOQ2ixQ0A/ReXfrT+S4vwZGqPkZwMYH7kXw3ZGSDxpig01XSgHoK7
=jhMg
-----END PGP SIGNATURE-----

From csupercomputergeek at gmail.com  Tue Apr 29 19:34:19 2014
From: csupercomputergeek at gmail.com (Toyam Cox)
Date: Tue, 29 Apr 2014 19:34:19 -0400
Subject: [arch-general] Optimizing boot
In-Reply-To: <536033A4.6000401@postadigitale.de>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <536033A4.6000401@postadigitale.de>
Message-ID: <CACLfeX_ZaCjX58m20q6gyuFzCGQgfAX0LMnHo31VNOrS3uKqeQ@mail.gmail.com>

On Tue, Apr 29, 2014 at 7:20 PM, Simon Brand
<simon.brand at postadigitale.de>wrote:

>
>
> Am 30.04.2014 00:06, schrieb Toyam Cox:
> > NetworkManager.service is running for 12 seconds
>
> Can you use static ip address in your network?
> The dhcp client did eat a lot of time here, too.
> 9 sec boot here without cryptsetup and static ip.
> Server needs 20 sec without ssd, 15 sec for dhcpcd, mysql and php-fpm
>
>
I do not believe that would help, because often I start up in areas without
a network. Perhaps there is a way to get Network Manager to start after the
boot is completed, or at least not be a boot dependency?

-- 
- Toyam

From danielmicay at gmail.com  Tue Apr 29 19:47:03 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Tue, 29 Apr 2014 19:47:03 -0400
Subject: [arch-general] Optimizing boot
In-Reply-To: <CACLfeX_ZaCjX58m20q6gyuFzCGQgfAX0LMnHo31VNOrS3uKqeQ@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <536033A4.6000401@postadigitale.de>
 <CACLfeX_ZaCjX58m20q6gyuFzCGQgfAX0LMnHo31VNOrS3uKqeQ@mail.gmail.com>
Message-ID: <536039F7.30008@gmail.com>

On 29/04/14 07:34 PM, Toyam Cox wrote:
> On Tue, Apr 29, 2014 at 7:20 PM, Simon Brand
> <simon.brand at postadigitale.de>wrote:
> 
>>
>>
>> Am 30.04.2014 00:06, schrieb Toyam Cox:
>>> NetworkManager.service is running for 12 seconds
>>
>> Can you use static ip address in your network?
>> The dhcp client did eat a lot of time here, too.
>> 9 sec boot here without cryptsetup and static ip.
>> Server needs 20 sec without ssd, 15 sec for dhcpcd, mysql and php-fpm
>>
>>
> I do not believe that would help, because often I start up in areas without
> a network. Perhaps there is a way to get Network Manager to start after the
> boot is completed, or at least not be a boot dependency?

NetworkManager works fine with roaming and can be configured to use a
static IP on some networks but not others. I don't see what you have to
gain by removing it from the regular boot process... just make sure
you're not letting stuff block on it.

This is with NetworkManager enabled on a wireless network with a Samsung
840 EVO (it varies from ~2-3s for kernel + userspace):

Startup finished in 3.070s (firmware) + 60ms (loader) + 1.655s (kernel)
+ 676ms (userspace)

160ms NetworkManager.service

AFAIK it doesn't count the time needed to connect over DHCP... it's
often not connected by the time I have a browser and a few terminals
open in i3 since it takes 10 seconds.

Not that boot time should matter to anyone, since kernel upgrades aren't
every day and there's not much reason to reboot otherwise :P.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140429/64af1e41/attachment-0001.asc>

From csupercomputergeek at gmail.com  Tue Apr 29 19:55:30 2014
From: csupercomputergeek at gmail.com (Toyam Cox)
Date: Tue, 29 Apr 2014 19:55:30 -0400
Subject: [arch-general] Optimizing boot
In-Reply-To: <536039F7.30008@gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <536033A4.6000401@postadigitale.de>
 <CACLfeX_ZaCjX58m20q6gyuFzCGQgfAX0LMnHo31VNOrS3uKqeQ@mail.gmail.com>
 <536039F7.30008@gmail.com>
Message-ID: <CACLfeX_3fOjoWAwM7zGardUJkpi6LQT_z9_+zp3ZqqBa7b7S8g@mail.gmail.com>

On Tue, Apr 29, 2014 at 7:47 PM, Daniel Micay <danielmicay at gmail.com> wrote:

> On 29/04/14 07:34 PM, Toyam Cox wrote:
> > On Tue, Apr 29, 2014 at 7:20 PM, Simon Brand
> > <simon.brand at postadigitale.de>wrote:
> >
> >>
> >>
> >> Am 30.04.2014 00:06, schrieb Toyam Cox:
> >>> NetworkManager.service is running for 12 seconds
> >>
> >> Can you use static ip address in your network?
> >> The dhcp client did eat a lot of time here, too.
> >> 9 sec boot here without cryptsetup and static ip.
> >> Server needs 20 sec without ssd, 15 sec for dhcpcd, mysql and php-fpm
> >>
> >>
> > I do not believe that would help, because often I start up in areas
> without
> > a network. Perhaps there is a way to get Network Manager to start after
> the
> > boot is completed, or at least not be a boot dependency?
>
> NetworkManager works fine with roaming and can be configured to use a
> static IP on some networks but not others. I don't see what you have to
> gain by removing it from the regular boot process... just make sure
> you're not letting stuff block on it.
>
> This is with NetworkManager enabled on a wireless network with a Samsung
> 840 EVO (it varies from ~2-3s for kernel + userspace):
>
> Startup finished in 3.070s (firmware) + 60ms (loader) + 1.655s (kernel)
> + 676ms (userspace)
>
> 160ms NetworkManager.service
>
> AFAIK it doesn't count the time needed to connect over DHCP... it's
> often not connected by the time I have a browser and a few terminals
> open in i3 since it takes 10 seconds.
>
> Not that boot time should matter to anyone, since kernel upgrades aren't
> every day and there's not much reason to reboot otherwise :P.
>
>

So something seems to be wrong here.
Startup finished in 4.637s (firmware) + 131ms (loader) + 2.790s (kernel) +
20.066s (userspace) = 27.626s

>12s NetworkManager.service

What sort of things should I check for? Is there an /etc config file I can
play with?

-- 
- Toyam

From danielmicay at gmail.com  Tue Apr 29 20:09:11 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Tue, 29 Apr 2014 20:09:11 -0400
Subject: [arch-general] Optimizing boot
In-Reply-To: <CACLfeX_3fOjoWAwM7zGardUJkpi6LQT_z9_+zp3ZqqBa7b7S8g@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <536033A4.6000401@postadigitale.de>
 <CACLfeX_ZaCjX58m20q6gyuFzCGQgfAX0LMnHo31VNOrS3uKqeQ@mail.gmail.com>
 <536039F7.30008@gmail.com>
 <CACLfeX_3fOjoWAwM7zGardUJkpi6LQT_z9_+zp3ZqqBa7b7S8g@mail.gmail.com>
Message-ID: <53603F27.1060101@gmail.com>

On 29/04/14 07:55 PM, Toyam Cox wrote:
> On Tue, Apr 29, 2014 at 7:47 PM, Daniel Micay <danielmicay at gmail.com> wrote:
> 
>> On 29/04/14 07:34 PM, Toyam Cox wrote:
>>> On Tue, Apr 29, 2014 at 7:20 PM, Simon Brand
>>> <simon.brand at postadigitale.de>wrote:
>>>
>>>>
>>>>
>>>> Am 30.04.2014 00:06, schrieb Toyam Cox:
>>>>> NetworkManager.service is running for 12 seconds
>>>>
>>>> Can you use static ip address in your network?
>>>> The dhcp client did eat a lot of time here, too.
>>>> 9 sec boot here without cryptsetup and static ip.
>>>> Server needs 20 sec without ssd, 15 sec for dhcpcd, mysql and php-fpm
>>>>
>>>>
>>> I do not believe that would help, because often I start up in areas
>> without
>>> a network. Perhaps there is a way to get Network Manager to start after
>> the
>>> boot is completed, or at least not be a boot dependency?
>>
>> NetworkManager works fine with roaming and can be configured to use a
>> static IP on some networks but not others. I don't see what you have to
>> gain by removing it from the regular boot process... just make sure
>> you're not letting stuff block on it.
>>
>> This is with NetworkManager enabled on a wireless network with a Samsung
>> 840 EVO (it varies from ~2-3s for kernel + userspace):
>>
>> Startup finished in 3.070s (firmware) + 60ms (loader) + 1.655s (kernel)
>> + 676ms (userspace)
>>
>> 160ms NetworkManager.service
>>
>> AFAIK it doesn't count the time needed to connect over DHCP... it's
>> often not connected by the time I have a browser and a few terminals
>> open in i3 since it takes 10 seconds.
>>
>> Not that boot time should matter to anyone, since kernel upgrades aren't
>> every day and there's not much reason to reboot otherwise :P.
>>
>>
> 
> So something seems to be wrong here.
> Startup finished in 4.637s (firmware) + 131ms (loader) + 2.790s (kernel) +
> 20.066s (userspace) = 27.626s
> 
>> 12s NetworkManager.service
> 
> What sort of things should I check for? Is there an /etc config file I can
> play with?

Use an efistub loader like gummiboot if you're not already, use lz4
compression for the kernel, disable staggered spin-up, use a single
unsplit root partition and avoid remounting it, etc. I'm sure these
things are all on the wiki somewhere, because I remember writing some of it.

There's not really any magic to speed up starting a large number of
services, if that's what you're doing. All I have enabled is
chrony/pdnsd/NetworkManager and they don't block the boot process. I
just use agetty to start up i3.

I assume you've got something on the critical path depending on
NetworkManager like a Type=idle service.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140429/77c2118d/attachment.asc>

From csupercomputergeek at gmail.com  Tue Apr 29 21:00:36 2014
From: csupercomputergeek at gmail.com (Toyam Cox)
Date: Tue, 29 Apr 2014 21:00:36 -0400
Subject: [arch-general] Optimizing boot
In-Reply-To: <53603F27.1060101@gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <536033A4.6000401@postadigitale.de>
 <CACLfeX_ZaCjX58m20q6gyuFzCGQgfAX0LMnHo31VNOrS3uKqeQ@mail.gmail.com>
 <536039F7.30008@gmail.com>
 <CACLfeX_3fOjoWAwM7zGardUJkpi6LQT_z9_+zp3ZqqBa7b7S8g@mail.gmail.com>
 <53603F27.1060101@gmail.com>
Message-ID: <CACLfeX9bi4ki01t_bpkWru9ETr8FDNF0+GTeUnvEvnSx_axJNg@mail.gmail.com>

On Tue, Apr 29, 2014 at 8:09 PM, Daniel Micay <danielmicay at gmail.com> wrote:

> On 29/04/14 07:55 PM, Toyam Cox wrote:
> > On Tue, Apr 29, 2014 at 7:47 PM, Daniel Micay <danielmicay at gmail.com>
> wrote:
> >
> >> On 29/04/14 07:34 PM, Toyam Cox wrote:
> >>> On Tue, Apr 29, 2014 at 7:20 PM, Simon Brand
> >>> <simon.brand at postadigitale.de>wrote:
> >>>
> >>>>
> >>>>
> >>>> Am 30.04.2014 00:06, schrieb Toyam Cox:
> >>>>> NetworkManager.service is running for 12 seconds
> >>>>
> >>>> Can you use static ip address in your network?
> >>>> The dhcp client did eat a lot of time here, too.
> >>>> 9 sec boot here without cryptsetup and static ip.
> >>>> Server needs 20 sec without ssd, 15 sec for dhcpcd, mysql and php-fpm
> >>>>
> >>>>
> >>> I do not believe that would help, because often I start up in areas
> >> without
> >>> a network. Perhaps there is a way to get Network Manager to start after
> >> the
> >>> boot is completed, or at least not be a boot dependency?
> >>
> >> NetworkManager works fine with roaming and can be configured to use a
> >> static IP on some networks but not others. I don't see what you have to
> >> gain by removing it from the regular boot process... just make sure
> >> you're not letting stuff block on it.
> >>
> >> This is with NetworkManager enabled on a wireless network with a Samsung
> >> 840 EVO (it varies from ~2-3s for kernel + userspace):
> >>
> >> Startup finished in 3.070s (firmware) + 60ms (loader) + 1.655s (kernel)
> >> + 676ms (userspace)
> >>
> >> 160ms NetworkManager.service
> >>
> >> AFAIK it doesn't count the time needed to connect over DHCP... it's
> >> often not connected by the time I have a browser and a few terminals
> >> open in i3 since it takes 10 seconds.
> >>
> >> Not that boot time should matter to anyone, since kernel upgrades aren't
> >> every day and there's not much reason to reboot otherwise :P.
> >>
> >>
> >
> > So something seems to be wrong here.
> > Startup finished in 4.637s (firmware) + 131ms (loader) + 2.790s (kernel)
> +
> > 20.066s (userspace) = 27.626s
> >
> >> 12s NetworkManager.service
> >
> > What sort of things should I check for? Is there an /etc config file I
> can
> > play with?
>
> Use an efistub loader like gummiboot if you're not already, use lz4
> compression for the kernel, disable staggered spin-up, use a single
> unsplit root partition and avoid remounting it, etc. I'm sure these
> things are all on the wiki somewhere, because I remember writing some of
> it.
>
> There's not really any magic to speed up starting a large number of
> services, if that's what you're doing. All I have enabled is
> chrony/pdnsd/NetworkManager and they don't block the boot process. I
> just use agetty to start up i3.
>
> I assume you've got something on the critical path depending on
> NetworkManager like a Type=idle service.
>
>
I read the wiki page today, actually. I have 1 root partition, and another
for /usr and another for /var. / is /sda2, near the beginning of the
physical disk. How do I check what is depending on what? It seems it's only
the multi-boot.target that waits for it...

-- 
- Toyam

From danielmicay at gmail.com  Tue Apr 29 21:13:04 2014
From: danielmicay at gmail.com (Daniel Micay)
Date: Tue, 29 Apr 2014 21:13:04 -0400
Subject: [arch-general] Optimizing boot
In-Reply-To: <CACLfeX9bi4ki01t_bpkWru9ETr8FDNF0+GTeUnvEvnSx_axJNg@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <536033A4.6000401@postadigitale.de>
 <CACLfeX_ZaCjX58m20q6gyuFzCGQgfAX0LMnHo31VNOrS3uKqeQ@mail.gmail.com>
 <536039F7.30008@gmail.com>
 <CACLfeX_3fOjoWAwM7zGardUJkpi6LQT_z9_+zp3ZqqBa7b7S8g@mail.gmail.com>
 <53603F27.1060101@gmail.com>
 <CACLfeX9bi4ki01t_bpkWru9ETr8FDNF0+GTeUnvEvnSx_axJNg@mail.gmail.com>
Message-ID: <53604E20.40601@gmail.com>

On 29/04/14 09:00 PM, Toyam Cox wrote:
> On Tue, Apr 29, 2014 at 8:09 PM, Daniel Micay <danielmicay at gmail.com> wrote:
> 
> I read the wiki page today, actually. I have 1 root partition, and another
> for /usr and another for /var. / is /sda2, near the beginning of the
> physical disk.

That's going to take more time to deal with than a single partition, and
you're probably doing a pointless remount of / via fstab.

In my opinion, there's little advantage to splitting it up into pieces
now that we have the protected hardlink option enabled. If it's about
space usage, then quotas seem saner.

> How do I check what is depending on what? It seems it's only
> the multi-boot.target that waits for it...

Use `systemctl list-dependencies` on whatever service you're using to
log in (display manager, agetty).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20140429/ef4f380b/attachment.asc>

From j.l.k at gmx.com  Wed Apr 30 03:22:45 2014
From: j.l.k at gmx.com (=?ISO-8859-1?Q?Jakub_Klinkovsk=FD?=)
Date: Wed, 30 Apr 2014 09:22:45 +0200
Subject: [arch-general] Optimizing boot
In-Reply-To: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
Message-ID: <e919baba-fc10-4f6a-8b73-d2b9bc5acb70@email.android.com>

On 30 April 2014 00:06:43 CEST, Toyam Cox <csupercomputergeek at gmail.com> wrote:
>Hello,
>
>I want to have a sub-30 second boot time, so as to make it possible for
>me
>to power down my computer and power back up at a moment's notice. Right
>now, I have a (according to my watch) ~35 second boot time. I used
>systemd-analyze, and discovered that NetworkManager.service is running
>for
>12 seconds of that time! Also, polkit.service runs quite a while after
>everything else, but that is less important.
>
>How do I optimize NetworkManager.service to shorten boot times,
>especially
>as I don't need a network first-thing?
>
>-- 
>- Toyam

Just a wild guess: https://bbs.archlinux.org/viewtopic.php?id=180099

From csupercomputergeek at gmail.com  Wed Apr 30 05:56:55 2014
From: csupercomputergeek at gmail.com (Toyam Cox)
Date: Wed, 30 Apr 2014 05:56:55 -0400
Subject: [arch-general] Optimizing boot
In-Reply-To: <e919baba-fc10-4f6a-8b73-d2b9bc5acb70@email.android.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <e919baba-fc10-4f6a-8b73-d2b9bc5acb70@email.android.com>
Message-ID: <CACLfeX9L7wPRkTg+RMVXQCTtsNWBo1e46Jerp3bZdZTgNKKhuQ@mail.gmail.com>

On Wed, Apr 30, 2014 at 3:22 AM, Jakub Klinkovsk? <j.l.k at gmx.com> wrote:

> On 30 April 2014 00:06:43 CEST, Toyam Cox <csupercomputergeek at gmail.com>
> wrote:
> >Hello,
> >
> >I want to have a sub-30 second boot time, so as to make it possible for
> >me
> >to power down my computer and power back up at a moment's notice. Right
> >now, I have a (according to my watch) ~35 second boot time. I used
> >systemd-analyze, and discovered that NetworkManager.service is running
> >for
> >12 seconds of that time! Also, polkit.service runs quite a while after
> >everything else, but that is less important.
> >
> >How do I optimize NetworkManager.service to shorten boot times,
> >especially
> >as I don't need a network first-thing?
> >
> >--
> >- Toyam
>
> Just a wild guess: https://bbs.archlinux.org/viewtopic.php?id=180099
>

Startup finished in 4.215s (firmware) + 176ms (loader) + 2.939s (kernel) +
11.166s (userspace) = 18.497s

Thank you very much! NetworkManager takes a much more reasonable 1.4
seconds now. It would not have occured to me to have the journal checked. I
also enabled readahead, and now LXDE starts before I'm finished booting, a
very nice feature.

-- 
- Toyam

From mike.cloaked at gmail.com  Wed Apr 30 06:08:14 2014
From: mike.cloaked at gmail.com (Mike Cloaked)
Date: Wed, 30 Apr 2014 11:08:14 +0100
Subject: [arch-general] Optimizing boot
In-Reply-To: <CACLfeX9L7wPRkTg+RMVXQCTtsNWBo1e46Jerp3bZdZTgNKKhuQ@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <e919baba-fc10-4f6a-8b73-d2b9bc5acb70@email.android.com>
 <CACLfeX9L7wPRkTg+RMVXQCTtsNWBo1e46Jerp3bZdZTgNKKhuQ@mail.gmail.com>
Message-ID: <CAOCAAm7Rtyf5=m1ZoVJyNpzMQ=_AGaroCHrLoUVkD4pr2bQpvw@mail.gmail.com>

On Wed, Apr 30, 2014 at 10:56 AM, Toyam Cox <csupercomputergeek at gmail.com>wrote:

>
> Startup finished in 4.215s (firmware) + 176ms (loader) + 2.939s (kernel) +
> 11.166s (userspace) = 18.497s
>
> Thank you very much! NetworkManager takes a much more reasonable 1.4
> seconds now. It would not have occured to me to have the journal checked. I
> also enabled readahead, and now LXDE starts before I'm finished booting, a
> very nice feature.


Just a comment about boot times. The overall boot performance will depend
not only on optimising an individual setup, but also is dependent on the
hardware as well as which boot manager is being used.  So an older laptop
with a hard drive, using BIOS boot and optimised will still see much longer
boot time than say a new laptop running a fast i7 processor, with an ssd,
using UEFI and also optimised.  Certainly I have an old laptop that takes
around 35 seconds to boot to the login prompt from when the boot manager
takes over after POST using BIOS legacy boot, but a similarly set up and
optimised new Haswell i7 laptop, with msata ssd using refind for UEFI boot
takes about 7 seconds to reach the KDM login prompt. Of course for a
specific system it may be possible to shave some seconds off the boot time,
but it will also depend on which server daemons need to be started as well.
So adding dovecot, an MTA, and maybe a DHCP server all add to the time
taken to complete the boot process.

So comparisons of absolute boot times from different machines are difficult
to interpret.

-- 
mike c

From pdgiddie at gmail.com  Wed Apr 30 06:28:52 2014
From: pdgiddie at gmail.com (Paul Gideon Dann)
Date: Wed, 30 Apr 2014 11:28:52 +0100
Subject: [arch-general] Optimizing boot
In-Reply-To: <CAOCAAm7Rtyf5=m1ZoVJyNpzMQ=_AGaroCHrLoUVkD4pr2bQpvw@mail.gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <CACLfeX9L7wPRkTg+RMVXQCTtsNWBo1e46Jerp3bZdZTgNKKhuQ@mail.gmail.com>
 <CAOCAAm7Rtyf5=m1ZoVJyNpzMQ=_AGaroCHrLoUVkD4pr2bQpvw@mail.gmail.com>
Message-ID: <1519180.Bu0VdLa7sg@leto>

On Wednesday 30 Apr 2014 11:08:14 Mike Cloaked wrote:
> Just a comment about boot times. The overall boot performance will depend
> not only on optimising an individual setup, but also is dependent on the
> hardware as well as which boot manager is being used.  So an older laptop
> with a hard drive, using BIOS boot and optimised will still see much longer
> boot time than say a new laptop running a fast i7 processor, with an ssd,
> using UEFI and also optimised.  Certainly I have an old laptop that takes
> around 35 seconds to boot to the login prompt from when the boot manager
> takes over after POST using BIOS legacy boot, but a similarly set up and
> optimised new Haswell i7 laptop, with msata ssd using refind for UEFI boot
> takes about 7 seconds to reach the KDM login prompt. Of course for a
> specific system it may be possible to shave some seconds off the boot time,
> but it will also depend on which server daemons need to be started as well.
> So adding dovecot, an MTA, and maybe a DHCP server all add to the time
> taken to complete the boot process.
> 
> So comparisons of absolute boot times from different machines are difficult
> to interpret.

Since we're on the topic, does anyone have a clue how I can find out why systemd hangs for 
ages when I shut down or reboot? The display server is shut down, I'm placed in a TTY with a 
"shutting-down" message, but then it looks like it's waiting for something that never happens, 
and then I think I see something flash past about a watchdog timeout before it proceeds. If I 
could get rid of that hanging step, it would save me waiting 60 seconds or however long each 
time I reboot (which is infrequently enough that it's only been a mild annoyance so far).

What's the correct way to diagnose this? I don't think systemd-analyze can handle 
shutdown. Could this be an initrd thing?

Paul

From neuhauser+archlinux at sigpipe.cz  Wed Apr 30 06:32:15 2014
From: neuhauser+archlinux at sigpipe.cz (Roman Neuhauser)
Date: Wed, 30 Apr 2014 12:32:15 +0200
Subject: [arch-general] trunk-only zombie packages in the community repo
Message-ID: <20140430103215.GC14255@isis.sigpipe.cz>

hello,

i'd like a clarification regarding the structure of the community.git
repository, and what it means for certains paths to exist or not.

there's a bunch of directories that have a trunk/ subdir but no repos/.
i'm curious what these directories represent.  they're not packages, according
to https://www.archlinux.org/packages/.

latest commits affecting most of these directories have "db-remove: ..." for
subject, and i'd guess they should've been removed completely.  if i'm reading
the wiki[0] correctly, /packages/db-remove may not the best ui for complete
package removal, since the packager needs to perform two extra steps to DTRT:

  Removing a package

    ssh nymeria.archlinux.org
    /packages/db-remove repo-name arch packagename
    i.e. /packages/db-remove core i686 openssh 

  And if you want to really kill the package, you will need to

  svn rm

  the entire package directory after the above steps and commit the deletion.

another page omits this information completely[1].

[0] https://wiki.archlinux.org/index.php/DeveloperWiki:HOWTO_Be_A_Packager#Removing_a_package
[1] https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#Accessing_and_Updating_the_Repository

some of these directories are different, though:

6915e45 dwallace       bring darcs up to date
d52af52 rvanharen      add --libexecdir
e052323 seblu          Prepare addition of the nftables framework
8d33b95 svenstaro      Add box2d python bindings
35a0304 dwallace       move xen from aur to community

(d18d090 may be hiding more).  what are these?  there's also aur/darcs,
is it in violation of the first rule in [1]?  i guess not, since
community/darcs does not get built.  but that only points back at the
original question.

[1] https://wiki.archlinux.org/index.php/Arch_packaging_standards#Submitting_packages_to_the_AUR

=====

unpublished (trunk-only) directories:

% comm -13 =(print -l */repos(:h)) =(print -l */trunk(:h)) | xargs -n 3 | column -t
agsync                arm-elf-binutils          arm-elf-gcc-base
bind-geodns           binutils-multilib         blueman
bmake-mk-files        ccmalloc                  cdfs
cedet                 checkinstall              cupsddk
darcs                 e-modules-extra-svn       e-svn
e_dbus-svn            ecore-svn                 edje-svn
eet-svn               eeze-svn                  efl-svn
efreet-svn            eina-svn                  eio-svn
ejabberd-mod_archive  ejabberd-mod_mysql        ejabberd-mod_pgsql
elementary-svn        embryo-svn                emesene
emotion-svn           emprint-svn               ethumb-svn
evas-svn              evas_generic_loaders-svn  evilwm
fbshot                fltk2                     fxdesktop
galago-daemon         gambas2                   glib2-docs
glibc-static          gmime22                   gmime24
gnash                 gnomesu                   google-gadgets
gsynaptics            haskell-temporary         htmldoc
icewm-utils           id3lib-rcc                inputattach
iptables-nftables     ipython2                  ircservices
jack2-multilib        lastfm-client             lib32-libusb
lib32-libusb-compat   lib32-qt                  libgalago
libgalago-gtk         libgda3                   liblinebreak
libphobos             linux-usermode            llvm-amdgpu-snapshot
lmctl                 metamail                  mingw32-binutils
mingw32-gcc           mingw32-gcc-base          mingw32-pthreads
mingw32-runtime       mingw32-w32api            ndiswrapper
open-iscsi            open-vm-tools-modules     oss
pam_pwcheck           paraview                  perl-extutils-makemaker
pidgin-facebookchat   pmtools                   poweriso
preload               pybox2d                   pyqt3
python-cjson          python-galago             python-galago-gtk
python-gasp           python-genshi             python-gnutls
python-irclib         python-lcms               python-pychart
python-vorbissimple   python2-galago            python2-irclib
python2-pyzmq         python2-slip              python2-vobject
python2-xlib          qscintilla-qt3            qtorrent
rusxmms               sbaz                      skype-oss
skype-staticqt        slmodem                   stopwatch
stormbaancoureur      synce-librapi             synce-libsynce
synce-serial          synce-vdccm               taglib-rcc
tasks                 ted                       tomoyo-tools
tora                  tucan                     virtinst
wdm                   wifi-select               xen
xfmedia               yacpi

=====

most recent commits affecting each of the above:

% comm -13 =(print -l */repos(:h)) =(print -l */trunk(:h)) \
  | xargs -n 1 git --no-pager log -1 --pretty=format:'%h %<(14)%an %s%n' --         
87b37c8 spupykin       db-remove: agsync removed by spupykin
619b0d0 spupykin       db-remove: arm-elf-binutils removed by spupykin
9dd957a spupykin       db-remove: arm-elf-gcc-base removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
1a7bcb1 heftig         db-remove: binutils-multilib removed by heftig
26aecf1 spupykin       db-remove: blueman removed by spupykin
c4d9fb9 spupykin       db-remove: bmake-mk-files removed by spupykin
1901a50 spupykin       db-remove: ccmalloc removed by spupykin
eaa2bfa tpowa          db-remove: cdfs removed by tpowa
d537669 spupykin       db-remove: cedet removed by spupykin
303f954 spupykin       db-remove: checkinstall removed by spupykin
6d9eb3d spupykin       db-remove: cupsddk removed by spupykin
6915e45 dwallace       bring darcs up to date
a098f08 ronald         db-remove: e-modules-extra-svn removed by ronald
70e9c7d ronald         db-remove: e-svn removed by ronald
7310fb3 ronald         db-remove: e_dbus-svn removed by ronald
0625dd2 ronald         db-remove: ecore-svn removed by ronald
0528294 ronald         db-remove: edje-svn removed by ronald
4bdeda0 ronald         db-remove: eet-svn removed by ronald
8779d06 ronald         db-remove: eeze-svn removed by ronald
d52af52 rvanharen      add --libexecdir
cf16203 ronald         db-remove: efreet-svn removed by ronald
26ced48 ronald         db-remove: eina-svn removed by ronald
d7c5163 ronald         db-remove: eio-svn removed by ronald
d7bdbdf spupykin       db-remove: ejabberd-mod_archive removed by spupykin
d445317 spupykin       db-remove: ejabberd-mod_mysql removed by spupykin
9054b22 spupykin       db-remove: ejabberd-mod_pgsql removed by spupykin
09d2476 ronald         db-remove: elementary-svn removed by ronald
3802193 ronald         db-remove: embryo-svn removed by ronald
bfca47c heftig         db-remove: emesene removed by heftig
e0c5b4f ronald         db-remove: emotion-svn removed by ronald
a9ce99b ronald         db-remove: emprint-svn removed by ronald
1b56c20 ronald         db-remove: ethumb-svn removed by ronald
6a2db8f ronald         db-remove: evas-svn removed by ronald
ff4487a ronald         db-remove: evas_generic_loaders-svn removed by ronald
714fcff arodseth       db-remove: evilwm removed by arodseth
df14ca0 spupykin       db-remove: fbshot removed by spupykin
69cb068 spupykin       db-remove: fltk2 removed by spupykin
05affea spupykin       db-remove: fxdesktop removed by spupykin
3d9110d spupykin       db-remove: galago-daemon removed by spupykin
f564a73 lcarlier       db-remove: gambas2 removed by lcarlier
7f242c8 spupykin       db-remove: glib2-docs removed by spupykin
6c3ebb6 allan          db-remove: glibc-static removed by allan
7b25be5 spupykin       db-remove: gmime22 removed by spupykin
3875330 spupykin       db-remove: gmime24 removed by spupykin
36492f6 heftig         db-remove: gnash removed by heftig
2ecae51 spupykin       db-remove: gnomesu removed by spupykin
d6b5af1 schiv          db-remove: google-gadgets removed by schiv
522a6d1 spupykin       db-remove: gsynaptics removed by spupykin
62e996c thestinger     db-remove: haskell-temporary removed by thestinger
5a904bf spupykin       db-remove: htmldoc removed by spupykin
5d31de9 spupykin       db-remove: icewm-utils removed by spupykin
7a5e42d spupykin       db-remove: id3lib-rcc removed by spupykin
757c030 spupykin       db-remove: inputattach removed by spupykin
e052323 seblu          Prepare addition of the nftables framework
e7de811 arodseth       db-remove: ipython2 removed by arodseth
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
c9d93bb speps          db-remove: jack2-multilib removed by speps
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
0e05f1c andrea         db-remove: lib32-qt removed by andrea
2ed2054 spupykin       db-remove: libgalago removed by spupykin
aa5c593 spupykin       db-remove: libgalago-gtk removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
5ab104e spupykin       db-remove: liblinebreak removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
f9f99fa andyrtr        db-remove: llvm-amdgpu-snapshot removed by andyrtr
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d36fa34 spupykin       db-remove: metamail removed by spupykin
2f54be5 spupykin       db-remove: mingw32-binutils removed by spupykin
a1060fb spupykin       db-remove: mingw32-gcc removed by spupykin
873dc91 spupykin       db-remove: mingw32-gcc-base removed by spupykin
8555205 spupykin       db-remove: mingw32-pthreads removed by spupykin
ea3e831 spupykin       db-remove: mingw32-runtime removed by spupykin
98d1f5f spupykin       db-remove: mingw32-w32api removed by spupykin
9f2f953 tpowa          db-remove: ndiswrapper removed by tpowa
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
422388a tpowa          db-remove: open-vm-tools-modules removed by tpowa
f67d4a0 kkeen          db-remove: oss removed by kkeen
a826aa8 spupykin       db-remove: pam_pwcheck removed by spupykin
a070216 stephane       db-remove: paraview removed by stephane
9b4d729 spupykin       git-svn-id: file:///srv/repos/svn-community/svn at 102986 9fca08f4-af9d-4005-b8df-a31f2cc04f65
a7ab005 jsteel         db-remove: pidgin-facebookchat removed by jsteel
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d36584e spupykin       db-remove: poweriso removed by spupykin
1a2ff2a arodseth       db-remove: preload removed by arodseth
8d33b95 svenstaro      Add box2d python bindings
e409b82 spupykin       db-remove: pyqt3 removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
7a26b2f spupykin       db-remove: python-galago removed by spupykin
ad678eb spupykin       db-remove: python-galago-gtk removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
d1847fd spupykin       db-remove: python2-galago removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
3600804 kkeen          db-remove: python2-pyzmq removed by kkeen
8382306 alucryd        db-remove: python2-slip removed by alucryd
67926d1 arodseth       db-remove: python2-vobject removed by arodseth
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
a5cb58c spupykin       db-remove: qscintilla-qt3 removed by spupykin
2791ab8 spupykin       db-remove: qtorrent removed by spupykin
556d8a7 spupykin       db-remove: rusxmms removed by spupykin
187f5fb spupykin       db-remove: sbaz removed by spupykin
1a7fe88 kkeen          db-remove: skype-oss removed by kkeen
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
7408f89 spupykin       db-remove: slmodem removed by spupykin
1ecce8b spupykin       db-remove: stopwatch removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
9c6b856 spupykin       db-remove: synce-librapi removed by spupykin
5482f3d spupykin       db-remove: synce-libsynce removed by spupykin
63cddbd spupykin       db-remove: synce-serial removed by spupykin
c3f754d spupykin       db-remove: synce-vdccm removed by spupykin
5825c06 spupykin       db-remove: taglib-rcc removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
1f3e467 spupykin       db-remove: ted removed by spupykin
97fb422 spupykin       db-remove: tomoyo-tools removed by spupykin
d18d090 foutrelis      Revert r78782: Full pkgdesc cleanup for 2339 packages
2a52a3f arodseth       db-remove: tucan removed by arodseth
31f12b3 spupykin       db-remove: virtinst removed by spupykin
79d5c2c spupykin       db-remove: wdm removed by spupykin
08bc536 spupykin       db-remove: wifi-select removed by spupykin
35a0304 dwallace       move xen from aur to community
ffe3db2 spupykin       db-remove: xfmedia removed by spupykin
8929a15 spupykin       db-remove: yacpi removed by spupykin

-- 
roman

From registo.mailling at gmail.com  Wed Apr 30 06:46:03 2014
From: registo.mailling at gmail.com (Mauro Santos)
Date: Wed, 30 Apr 2014 11:46:03 +0100
Subject: [arch-general] Optimizing boot
In-Reply-To: <1519180.Bu0VdLa7sg@leto>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <CACLfeX9L7wPRkTg+RMVXQCTtsNWBo1e46Jerp3bZdZTgNKKhuQ@mail.gmail.com>
 <CAOCAAm7Rtyf5=m1ZoVJyNpzMQ=_AGaroCHrLoUVkD4pr2bQpvw@mail.gmail.com>
 <1519180.Bu0VdLa7sg@leto>
Message-ID: <5360D46B.4020509@gmail.com>

On 30-04-2014 11:28, Paul Gideon Dann wrote:

> Since we're on the topic, does anyone have a clue how I can find out why systemd hangs for 
> ages when I shut down or reboot? The display server is shut down, I'm placed in a TTY with a 
> "shutting-down" message, but then it looks like it's waiting for something that never happens, 
> and then I think I see something flash past about a watchdog timeout before it proceeds. If I 
> could get rid of that hanging step, it would save me waiting 60 seconds or however long each 
> time I reboot (which is infrequently enough that it's only been a mild annoyance so far).
> 
> What's the correct way to diagnose this? I don't think systemd-analyze can handle 
> shutdown. Could this be an initrd thing?

Check the output of journalctl and look for lines with timeout (use grep
-i timeout).

I've experienced this before (90 seconds timeout) and I found out that
some systemd service related to the user session was not terminating,
and systemd waits for it until the timeout elapses.

This happened to me when I had the rootfs in a f2fs partition, ext4 and
btrfs don't seem to trigger this problem. The workaround I used at the
time was to extend the unit file by explicitly adding a shorter timeout
10~15s.

-- 
Mauro Santos

From gesh at gesh.uni.cx  Wed Apr 30 06:36:05 2014
From: gesh at gesh.uni.cx (Gesh)
Date: Wed, 30 Apr 2014 13:36:05 +0300
Subject: [arch-general] Optimizing boot
In-Reply-To: <1519180.Bu0VdLa7sg@leto>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <CACLfeX9L7wPRkTg+RMVXQCTtsNWBo1e46Jerp3bZdZTgNKKhuQ@mail.gmail.com>
 <CAOCAAm7Rtyf5=m1ZoVJyNpzMQ=_AGaroCHrLoUVkD4pr2bQpvw@mail.gmail.com>
 <1519180.Bu0VdLa7sg@leto>
Message-ID: <8a3038c2-727e-4a59-bd89-d17c67817f98@email.android.com>

On April 30, 2014 1:28:52 PM GMT+03:00, Paul Gideon Dann <pdgiddie at gmail.com> wrote:
>On Wednesday 30 Apr 2014 11:08:14 Mike Cloaked wrote:
>> Just a comment about boot times. The overall boot performance will
>depend
>> not only on optimising an individual setup, but also is dependent on
>the
>> hardware as well as which boot manager is being used.  So an older
>laptop
>> with a hard drive, using BIOS boot and optimised will still see much
>longer
>> boot time than say a new laptop running a fast i7 processor, with an
>ssd,
>> using UEFI and also optimised.  Certainly I have an old laptop that
>takes
>> around 35 seconds to boot to the login prompt from when the boot
>manager
>> takes over after POST using BIOS legacy boot, but a similarly set up
>and
>> optimised new Haswell i7 laptop, with msata ssd using refind for UEFI
>boot
>> takes about 7 seconds to reach the KDM login prompt. Of course for a
>> specific system it may be possible to shave some seconds off the boot
>time,
>> but it will also depend on which server daemons need to be started as
>well.
>> So adding dovecot, an MTA, and maybe a DHCP server all add to the
>time
>> taken to complete the boot process.
>> 
>> So comparisons of absolute boot times from different machines are
>difficult
>> to interpret.
>
>Since we're on the topic, does anyone have a clue how I can find out
>why systemd hangs for 
>ages when I shut down or reboot? The display server is shut down, I'm
>placed in a TTY with a 
>"shutting-down" message, but then it looks like it's waiting for
>something that never happens, 
>and then I think I see something flash past about a watchdog timeout
>before it proceeds. If I 
>could get rid of that hanging step, it would save me waiting 60 seconds
>or however long each 
>time I reboot (which is infrequently enough that it's only been a mild
>annoyance so far).
>
>What's the correct way to diagnose this? I don't think systemd-analyze
>can handle 
>shutdown. Could this be an initrd thing?
>
>Paul

I see the same thing on my box.
The system shuts down, I get a message to that effect printed, yet the hardware keeps running for more than 3m. Eventually, I always cold-shutdown the computer when it reaches that state.
Any ideas why this is?
Gesh

From pdgiddie at gmail.com  Wed Apr 30 07:56:13 2014
From: pdgiddie at gmail.com (Paul Gideon Dann)
Date: Wed, 30 Apr 2014 12:56:13 +0100
Subject: [arch-general] Optimizing boot
In-Reply-To: <5360D46B.4020509@gmail.com>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <1519180.Bu0VdLa7sg@leto> <5360D46B.4020509@gmail.com>
Message-ID: <15719225.VCxtZIipFM@leto>

On Wednesday 30 Apr 2014 11:46:03 Mauro Santos wrote:
> Check the output of journalctl and look for lines with timeout (use grep
> -i timeout).
> 
> I've experienced this before (90 seconds timeout) and I found out that
> some systemd service related to the user session was not terminating,
> and systemd waits for it until the timeout elapses.
> 
> This happened to me when I had the rootfs in a f2fs partition, ext4 and
> btrfs don't seem to trigger this problem. The workaround I used at the
> time was to extend the unit file by explicitly adding a shorter timeout
> 10~15s.

Thanks, this got me on the right track. It was indeed nothing specifically to do with shutdown, 
but just a custom unit I'd written for fcgiwrap. Looks like there was some bad interaction 
between systemd trying to kill all the process tree and the master process trying to keep the 
workers alive. The unit was timing out (90 seconds, as you said). Fixed by adding:

PostExec=/usr/bin/kill $MAINPID

Reboot seems to be fine now. This was one of those things I assumed would be messy until I 
actually took the time to look into it :p That'll teach me to test custom units a little more 
carefully!

Thanks,
Paul

From darose at darose.net  Wed Apr 30 11:34:41 2014
From: darose at darose.net (David Rosenstrauch)
Date: Wed, 30 Apr 2014 11:34:41 -0400
Subject: [arch-general] Hanging on log out
Message-ID: <53611811.6050806@darose.net>

Been having a problem in recent weeks that I'm unable to fix or even 
diagnose.

When I log out of my desktop, the machine just hangs with a blank X 
windows screen.  (I.e., black screen with mouse cursor pointer.)  I'm 
able switch to a console and successfully issue the "sudo poweroff" 
command from there.  But the system never brings me back to an X login 
screen.

I'm not sure what package is causing the problem here.  I run XFCE with 
LXDM as my DM.  My initial guess was that this is an issue with 
xfce4-session, since a) I see a zombie "sh" process under xfce4-session 
when I look at the process list, and b) when I kill xfce4-session I 
successfully get back to a login screen.  But I also see that the 
xfce4-session package hasn't been updated since September, so I'd think 
it's unlikely that that's what's causing the problem.

Anyone got any pointers in the right direction for me on this?

Thanks,

DR

From scimmia at archlinux.info  Wed Apr 30 11:39:52 2014
From: scimmia at archlinux.info (Doug Newgard)
Date: Wed, 30 Apr 2014 10:39:52 -0500
Subject: [arch-general] Hanging on log out
In-Reply-To: <53611811.6050806@darose.net>
References: <53611811.6050806@darose.net>
Message-ID: <3d4819d2100c117888281ad2d4bdc990@archlinux.info>

On 2014-04-30 10:34, David Rosenstrauch wrote:
> Been having a problem in recent weeks that I'm unable to fix or even 
> diagnose.
> 
> When I log out of my desktop, the machine just hangs with a blank X
> windows screen.  (I.e., black screen with mouse cursor pointer.)  I'm
> able switch to a console and successfully issue the "sudo poweroff"
> command from there.  But the system never brings me back to an X login
> screen.
> 
> I'm not sure what package is causing the problem here.  I run XFCE
> with LXDM as my DM.  My initial guess was that this is an issue with
> xfce4-session, since a) I see a zombie "sh" process under
> xfce4-session when I look at the process list, and b) when I kill
> xfce4-session I successfully get back to a login screen.  But I also
> see that the xfce4-session package hasn't been updated since
> September, so I'd think it's unlikely that that's what's causing the
> problem.
> 
> Anyone got any pointers in the right direction for me on this?
> 
> Thanks,
> 
> DR

https://bugs.archlinux.org/task/40110

From rodrigorivascosta at gmail.com  Wed Apr 30 17:26:48 2014
From: rodrigorivascosta at gmail.com (Rodrigo Rivas)
Date: Wed, 30 Apr 2014 23:26:48 +0200
Subject: [arch-general] Optimizing boot
In-Reply-To: <1519180.Bu0VdLa7sg@leto>
References: <CACLfeX_AX1e9depVp-9g7r0CXzBZpfvqRB7T_Mh0TbrBC9A4iw@mail.gmail.com>
 <CACLfeX9L7wPRkTg+RMVXQCTtsNWBo1e46Jerp3bZdZTgNKKhuQ@mail.gmail.com>
 <CAOCAAm7Rtyf5=m1ZoVJyNpzMQ=_AGaroCHrLoUVkD4pr2bQpvw@mail.gmail.com>
 <1519180.Bu0VdLa7sg@leto>
Message-ID: <CABNG1c14r4C5r-amkCNUXozWYNHgxv4-2mzB5AgFBGysO-wPdw@mail.gmail.com>

On Wed, Apr 30, 2014 at 12:28 PM, Paul Gideon Dann <pdgiddie at gmail.com> wrote:
> Since we're on the topic, does anyone have a clue how I can find out why systemd hangs for
> ages when I shut down or reboot? The display server is shut down, I'm placed in a TTY with a
> "shutting-down" message, but then it looks like it's waiting for something that never happens,
> and then I think I see something flash past about a watchdog timeout before it proceeds. If I
> could get rid of that hanging step, it would save me waiting 60 seconds or however long each
> time I reboot (which is infrequently enough that it's only been a mild annoyance so far).
>
> What's the correct way to diagnose this? I don't think systemd-analyze can handle
> shutdown. Could this be an initrd thing?

Although the original problem has already been solved, I'll post my
trick to debug this kind of issues with systemd:

* Before doing the thing that causes the problem run as root
`systemctl start debug-shell`. If the problem is in the boot sequence,
then run `systemctl enable debug-shell` and then restart.
* That unit will open a root shell in TTY9, so beware of the security
issues if you let that enabled. This shell will be enabled from the
early boot until the final shutdown.
* When the system hangs, switch to TTY9, with Alt+F9 or Ctrl+Alt+F9
and get access to the debug shell. There you can run `systemctl
list-jobs` or `journalctl -b` to see what is wrong with your system.

HTH
-
Rodrigo

From claudelepoisson at gmail.com  Wed Apr 30 23:26:43 2014
From: claudelepoisson at gmail.com (Alexandre de Verteuil)
Date: Wed, 30 Apr 2014 23:26:43 -0400
Subject: [arch-general] On-boot delay due to timer units
In-Reply-To: <53502BFB.1090104@archlinux.org>
References: <20140417135612.1cae79de@bluemoon> <53502BFB.1090104@archlinux.org>
Message-ID: <20140501032643.GA6338@gmail.com>

* Thomas B?chler <thomas at archlinux.org> [2014-04-17 21:31] :
> I think another solution in systemd would be introducing a holdoff time:
> Instead of running immediately on boot, the timer should be scheduled
> for boot+5min.
> 
> This requires some investigation - sorry, I don't have a quick solution
> right now.

Hi,

I'm experiencing the same problem caused by updatedb launching on
boot. This fixes it until the desired feature is added to systemd.timer:

## /etc/systemd/system/updatedb.service.d/delay.conf
[Service]
# Trick to avoid launching updatedb when the system is booted.
ExecStartPre=-/usr/bin/bash -c '[ $(cut -d. -f1 /proc/uptime) -lt 120 ] && sleep 120'
## EOF

If the system is up since less than 120 seconds, waits 120 seconds. Also,
failure does not prevent running ExecStart= given the "-" before the
command line.

Best regards,
-- 
Alexandre de Verteuil <claudelepoisson at gmail.com>
public key ID : 0xDD237C00
http://alexandre.deverteuil.net/